
Apple OS X update plugs 20 security holes

by Tom Sanders in California

02 Mar 2006

Apple's latest update fixes the recent Leap-A and Safari security vulnerabilities in Mac OS X

Apple has released a security update that patches 20 holes in its OS X operating system and bundled applications. 

Malware writers have released several high-profile viruses in recent weeks, and security experts disclosed last week that they had found a critical security hole in the operating system.

"The update fixes the recently reported Leap-A and Safari security vulnerabilities," an Apple spokesman told vnunet.com.

The Safari vulnerability was exposed last week by German researcher Michael Lehn. The flaw could allow an attacker to launch arbitrary code on a Mac computer running the Safari browser through the use of a specially crafted website. 

The Apple security update also contains a fix for a vulnerability related to the Safari flaw. It affects the way that the operating system unpacks and executes metadata in certain types of archives.

This could be exploited in combination with the Safari vulnerability or by persuading a user to open an email message containing a specially crafted archive file.

The update also changes some OS X security settings to protect users against worms such as Leap-A that were detected last month.

The worm spread through Apple's iChat instant messaging client by sending a file to the buddies in a user's contact list. With the update, iChat warns users when they are downloading unknown or unsafe file types through the use of a feature called Download Validation.

The same feature is also used in the Mail application, but in this case attackers could disguise a file's type to bypass the security feature. The update closes this loophole.

Less severe vulnerabilities have also been repaired, such as a flaw in Directory Service that allows local users to create and manipulate files as a root user.

Attackers could have exploited another design flaw in the way that the software handled IPsec to launch a denial of service attack against virtual private networks.

Users can install the update through the auto update feature in the operating system or by downloading the patch from Apple's website.
