To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://software.silicon.com/os/0,39024651,39151405,00.htm

Apple releases more big cat security patches
Mac OS X and the 40 holes...

By Graeme Wearden

Published: Tuesday 16 August 2005

Apple has patched a number of security holes in its Panther and Tiger flavours of Mac OS X in its latest security update, released late on Monday.

Four patches were issued in total, covering the server and client versions of both Panther (Mac OS X 10.3.9) and Tiger (Mac OS X 10.4.2). The server patches address problems in 20 components, while the client patches fix 15 flaws.

According to security firm Secunia, more than 40 separate vulnerabilities are addressed by the four patches.

Several vulnerabilities that would allow attackers to cause a buffer overflows have been identified and fixed by Apple. One affected programs that use AppKit to open Microsoft Word documents. Another problem, which also affected Appkit, meant a user who opened a specially crafted rich text file could allow malicious code to run on their machine.

Apple also changed the way Bluetooth connections were handled, eliminating a bug in the System Profiler that causes it to display misleading information about whether or not a Bluetooth device requires authentication.

The Safari web browser has also been updated, fixing a flaw that could allow arbitrary command execution by clicking on a link in a maliciously crafted rich text file, and a bug that could mean Safari sends data to the wrong websites.

For more detail on the security flaws, and to download the patches, visit the Apple website.

Graeme Wearden writes for ZDNet UK