Security update fixes 15 flaws in Flash and Safari
vnunet.com, 02 Oct 2006
Apple has released a security update that fixes 15 different vulnerabilities in Mac OS X.
The update has been classified by security firm Secunia as 'highly critical', its second highest alert level, owing to the danger of remote code execution on unpatched systems.
Among the vulnerabilities is a flaw in the CFNetwork component used by Apple's Safari browser that could allow unauthenticated SSL sites to appear as authenticated.
This could leave a user vulnerable to fraudulent sites that would be presented as secure.
Fixes for Adobe Flash Player which Secunia has listed as 'highly critical' are also included in the update. The vulnerabilities could allow attackers to execute code remotely via a specially crafted .swf file.
Other fixes address vulnerabilities in PICT and jpeg2000 image handling components and several LoginWindow flaws.
The Mac OS X 10.4.8 update is for users with a version of MacOS X 10.4 or Mac OS X 10.4 server already installed. Security Update 2006-006 is for users running Mac OS X 10.3.9 and Mac OS X Server.
The security fix comes one week after Apple released a patch for vulnerabilities in its AirPort wireless networking components.
Remote access - Three steps to getting connected
3.4 million UK professionals now work from home – is your company equipped?
Cost benefits of a global collaboration network
This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications
Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.
Join our live chat session on Thursday at 11am to...
Researchers from security firm FireEye have been able to effectively...
Do you agree?
Have your say on this article