All the latest UK technology news, reviews and analysis

Apple plugs five security holes

by Tom Sanders in California

29 Jun 2006

Comment: 1

  • Tweet this
Apple has released a security update for its OS X operating system that plugs five vulnerabilities
At least two of the repaired vulnerabilities could allow an attacker to take control

Apple has released a security update for its OS X operating system that plugs five vulnerabilities.

Apple does not issue severity ratings for vulnerabilities in its software, but at least two of the repaired vulnerabilities could allow an attacker to take control of a system.

The update to version 10.4.7 repairs a vulnerability in the way that OS X handles TIFF images which could be exploited through a specially crafted image. The vulnerability can cause an application to crash or allow for arbitrary code execution.

The ClamAV application that is bundled with the server version of the operating system could also allow an attacker to take over control of a system, Apple warned.

The attacker would have to set up a spoofed database mirror for the ClamAV antivirus application.

Of the remaining plugged holes, a vulnerability in the AFP server is vulnerable to a privilege escalation that can lead to disclosure of sensitive information.

The Launchd programme is suffering from a vulnerability that could allow a local user to gain additional privileges and the Open Directory Server and is susceptible to a security flaw that gives attackers an opportunity to crash the application.

Users can update their system through the update service built into OS X or by manually downloading the patch from the Apple support website.

Do you agree?

Add your comment

Depends how you spin it

Surely to some people this is proof that OS X has more vulnerabilities than Windows XP?

Posted by: TP 30 Jun 2006

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

Security padlock image

Mykonos looks to thwart hacker intelligence with Web Security Software

Related white papers

Related videos

Related articles

Related jobs

Today's top stories

Cloud computing use is a major government IT strategy

Government departments face possibility of open source 'spot checks'

Samsung Galaxy S III running Android Ice Cream Sandwich

Samsung Galaxy S3 launch fails to attract iPhone-like crowds

hurricane-irene

American Express predicts online hurricane to blow big business away

Poll

Flame virus poll

Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?

30%

2%

14%

54%

Features

The V3 hotseat

The V3 Hot Seat: Imperva CTO and co-founder Amichai Shulman

Flame in monitor screen

Quick guide to Flame malware attack

cookies

Quick guide to cookie law compliance

cookie

ICO sends out mixed messages on cookie law

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Riso

Colour printing: why the bill keeps outstripping the budget

The wrong printers, for the wrong tasks on the wrong contracts

Qlikview

Magic quadrant for business intelligence platforms

Who leads the BI pack and who should we be watching out for?

Technology jobs

Project Manager (FATCA)

A client, a major financial services organisation, is...

Sharepoint Administrator, Birmingham, West Midlands

Sharepoint Administrator, Sharepoint 2010, Sharepoint...

PLC Control Engineers Wanted!

Proteus Europe, operating as an employment business...

Salesforce.com Senior and Leads

Salesforce.com Senior Consultants and Leads Salesforce...

To send to more than one email address, simply separate each address with a comma.