- V3 Apps
Apple has posted an update to address security flaws in its OS X Server platform.
The 2.2.1 update will fix three remote code execution vulnerabilities in the server platform, which could have allowed an attacker to install malware on a targeted system without user notification or permission.
Apple said that the update would address remote code execution flaws in the XML and Ruby on Rails components for the OS X Server Profile Manager. Two additional patches address remote code execution flaws in the handling of XML and JSON code in the Wiki Server software.
The company is advising users and administrators to download and install the update from the App Store service.
The update addresses an OS X Server platform which Apple now offers as a $20 application download on the Mac App Store. The company had previously offered OS X Server as a separate operating system, though more recent versions of OS X have offered the server platform as an add-on to the desktop OS X installation.
Apple has rolled back its server business in recent years. Along with discontinuing the standalone OS X Server operating system, Apple discontinued its Xserve hardware line.
The update comes just hours after Apple posted another update which enabled use of the Java browser plugin for OS X. The company had previously disabled Java through an update to its Xprotect security component.