You are here: silicon.com > Software > Security Strategy

Security Strategy

Apple Mac OS X security holes get plugged with latest update

Images, downloads put through tougher checks

Tags: os x, mac, apple

Printer Friendly Email Story RSS

By Elinor Mills

Published: 6 August 2009 08:37 GMT

Apple on Wednesday issued a security update that fixes 18 vulnerabilities including several that put computers running Mac OS X at risk of remote code execution if a maliciously crafted image is viewed.

In addition to fixing a problem with how PNG images are handled, Security Update 2009-003 fixes issues related to ImageIO's handling of OpenEXR images, EXIF metadata, as well as Canon RAW images and images with an embedded ColorSync profile.

The update, which arrives as part of the release of Mac OS X v10.5.8, extends the list of content types the Mac OS X will flag as potentially unsafe when downloaded from the web. It also fixes a problem with how XML content is handled and resolves the way the kernel handles AppleTalk response packets.

Apple also identified and fixed a problem with MobileMe. Signing out of MobileMe does not remove all credentials and a person with access to the local user account could continue to access associated systems.

Original article: Apple fixes hole with Mac OS X image viewing from CNET News.com

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Reader Comments

So where are all the comments from outraged commen...
Gareth Evans

Click here to see all

Related Links

Photos: Apple tablet: What's on our wish list

Apple loses Google boss as Schmidt steps down from board

Apple plugs iPhone SMS flaw

Apple puts Google on a leash over Latitude for iPhone

Minority Report: Will Apple open up to 'iTunes killer' Spotify?

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Tim Ferguson Exclusive: Former MySQL boss Marten Mickos talks open source Why Microsoft could become one of the "biggest friends of open source" and why Oracle getting its hands on MySQL could be "one of the biggest open source coups ever"...

Naked CIO Naked CIO: Cloud computing more expensive than we thought? Smart IT leaders will examine the impact of how they pay for tech

UK ID cards rollout hit by delay as launch date revealed

Bletchley Park's World War Two codebreakers in their own words

'You're responsible for your own wi-fi security' say ISPs

'UK must up privacy safeguards following Phorm'

The top 10 technologies you need to plan for next year


  • Jobs
iPhone/Mac Software Engineer

Experience Required: - A minimum of 2 years experience of software development for iPhone and/or Mac OS X using Cocoa and Objective C Understanding ...

Technical Support Engineer - French Speaking

Windows 2000, Windows NT, Novell, Lotus Notes, Mac OS). Support Engineer required by Logic Engagements Ltd to work for our client, based in ...

Mac/PC Support Engineer –Mac OSX, Adobe, Quark, Windows, Server 2003, AD

Technical skills Mac OS X, preferably 10.4-10.6 Basic hardware knowledge Remote Desktop for Mac and Windows Mac/PC Support Engineer –Mac OSX, ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.

CEO Dashboard Management: Why Creating Visual Reports You Can't Hide From Will Help...

Virtual Private Servers (VPS)

Looking for a fast payback? 10 Minutes with Free Tool Can Save Thousands

The Truth About Wasteful Spending on Software: How to Stop Giving Your Software Vendors...

Martin Brokers cashes in on back-up swap

VocaLink makes virtualisation pay

Sony Pictures sets sights on best IT Oscar

Co-op Group kicks "server sprawl" into touch

Arts Council gets tech troubleshooting boost

Torex tech treats Thorntons to quicker sales

Stories from the web...


Salesforce.com makes more friends in the cloud

Google sheds light on netbook plans for Chrome OS

How to squeeze the last drops of savings from an outsourcing contract

Salesforce.com plans social networking for business

Outsourcers to fall victim to cloud computing rush?

Office 2010: Beta launched




Quick Sitemap Links: