Apple ships 50+ security updates
Apple has shipped a large security update for computers running its Leopard and Snow Leopard operating systems for the Mac. The bundle contains security fixes for more than 50 vulnerabilities, including updates for components like Adaptive Firewall, FTP server, QuickTime and Spotlight.
The update applies to Snow Leopard (10.6.x) and Mac OS X Leopard (10.5.8) systems, as well as OS X Server versions of these operating systems. Users can grab the patches directly from Apple Downloads or via the Mac's built-in Software Update feature.
Some of the individual fixes in these bundles are interesting in their own right. For example, Apple said that a vulnerability in Snow Leopard's Login Window could let a user log in to any account without supplying a password. Another update, this one for a bug in Leopard' Dictionary program, is limited to users on the local network, but gives a whole new meaning to the term "dictionary attack"; Apple said a maliciously crafted Javascript could allow a user on the local network to drop hostile code on another Mac user's system.
Read more about the individual updates here.
By
Brian Krebs
|
November 10, 2009; 10:57 AM ET
Categories:
New Patches
,
Safety Tips
| Tags: apple patch
Save & Share:
Previous: Nastygram: MySpace phish plants spy software
Next: Eight indicted in $9M RBS WorldPay heist
Posted by: nospamplease555 | November 12, 2009 2:56 AM | Report abuse
The comments to this entry are closed.
could u ask apple for a comment on the exact status of the keyboard firmware vulnerability from black hat? the security update says that now "system privileges" are required to send a firmware update to a keyboard. this doesn't sound like the problem has actually been patched...