Apple plugs 43 security holes

Apple has fixed 31 security vulnerabilities in OS X and 12 in Quicktime

Apple has released security updates for its OS X operating system and Quicktime media player.

The OS X patch repairs 31 security vulnerabilities in the operating system and bundled applications. The Quicktime update tackles 12 vulnerabilities.

Apple does not provide severity ratings for vulnerabilities in its software, but security website Secunia issued a severity rating of 'highly critical' to both the Quicktime and OS X patches.

Such ratings typically indicate that the most severe security hole could allow attackers to execute code, but not before a user has first opened a specially crafted webpage or file.

The OS X update includes fixes for flaws in Apple-developed components including the Safari browser and Mail application.

It also offers several updates for third-party products bundled with the operating system such as the Flash player and the MySQL database inside OS X Server.

The OS X patch is between 12MB and 41.6MB depending on the version of the operating system and the hardware. 

The 49.1MB Quicktime download in addition to the security fixes also offers support for the iLife '06 suite of products and improved support for the h.264 digital video codec.

The security of Apple's operating systems is a much debated topic within the industry.

Antivirus and security vendor McAfee warned earlier this month that OS X users are complacent about security, suggesting that the number of newly detected bugs in OS X is outgrowing those in Windows.

Security researcher Tom Ferris published details in April about seven unpatched OS X vulnerabilities as well as proof-of-concept code. The update plugs all the holes that Ferris reported, he said on his blog.