Apple has released a security update that repairs 26 vulnerabilities in its OS X operating system and bundled applications.
Of the patched security holes, 17 could expose the user to an arbitrary code execution.
Holes expose users to arbitrary code execution
vnunet.com, 02 Aug 2006
Apple has released a security update that repairs 26 vulnerabilities in its OS X operating system and bundled applications.
Of the patched security holes, 17 could expose the user to an arbitrary code execution.
Four of the remaining vulnerabilities could lead to disclosure of confidential information, two could cause an application to crash. A local user in three cases could exploit a flaw to gain additional user rights.
Apple doesn't provide severity ratings for the security holes it discloses in its software. Some of the arbitrary code execution flaws would generally be considered the most severe vulnerabilities because an attacker can exploit them without any user interaction.
The update, for instance, repairs four arbitrary code execution vulnerabilities in the way that OS X handles images in the GIF, RAW or Radiance formats. An attacker could exploit those by placing a specially crafted image on a website or send it as an email attachment.
Users can obtain the patch through the software update feature in OS X or download the patch from Apple's website.

First Looks Editor Ian Williams gets hands on with the Sony Ericsson Xperia X1

Surviving veterans of the code-breaking facility to receive badge of...

Telco begins major rollout in 69 locations across the UK
Do you agree?
Have your say on this article