Apple patches 26 security flaws

Holes expose users to arbitrary code execution

Tom Sanders in California

Apple has released a security update that repairs 26 vulnerabilities in its OS X operating system and bundled applications.

Of the patched security holes, 17 could expose the user to an arbitrary code execution.

Advertisement

Four of the remaining vulnerabilities could lead to disclosure of confidential information, two could cause an application to crash. A local user in three cases could exploit a flaw to gain additional user rights.

Apple doesn't provide severity ratings for the security holes it discloses in its software. Some of the arbitrary code execution flaws would generally be considered the most severe vulnerabilities because an attacker can exploit them without any user interaction.

The update, for instance, repairs four arbitrary code execution vulnerabilities in the way that OS X handles images in the GIF, RAW or Radiance formats. An attacker could exploit those by placing a specially crafted image on a website or send it as an email attachment.

Users can obtain the patch through the software update feature in OS X or download the patch from Apple's website.

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Tags:

Do you agree?

Related whitepapers

Related jobs

Most watched

V3.co.uk weekly debrief, 13 Nov 09

This week we discuss the inaugural V3.co.uk Summit

Summit: Salesforce.com on SaaS and information overload

How web services contribute to data headaches

Analysis and Reports

Remote access - Three steps to getting connected

3.4 million UK professionals now work from home – is your company equipped?

Cost benefits of a global collaboration network

This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications

Poll

Impact of Information Overload poll

Impact of Information Overload poll

What is the biggest problem your firm faces as a result of the data explosion?

View poll results

Advertisement

White paper library

Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Advertisement

Spotlight

V3.co.uk weekly debrief, 13 Nov 09

This week we discuss the inaugural V3.co.uk Summit

Fingers on keyboard

New Flash vulnerability discovered

Web sites could be vulnerable to Flash attacks

Chris Adams

Summit: Microsoft Office to the rescue

Chris Adams, Office Client product manager for Microsoft UK, explains...

Illegal downloader

Industry and human rights campaigners united in opposition to "three strikes" plan

Critics says government proposals to curb illegal downloading are unworkable...

Primary Navigation