Apple has released a security update that fixes 11 vulnerabilities in the OS X operating system. The patched vulnerabilities include holes in both OS X Panther 10.3 and OS X Tiger 10.4.
While most of the repairs target arbitrary vulnerabilities, such as a way to circumvent a check for unsafe file formats by changing a file name, others represent more serious holes that could allow buffer overflow attacks or give hackers root access.
Another hole affecting both versions of the operating system was caused by multiple flaws in the PHP scripting language. The vulnerabilities could allow for remote denial of service attacks and the execution of arbitrary code.
The update also plugs some holes unique to OS X 10.4, including a vulnerability in the AFP server that was susceptible to a buffer overflow attack after which arbitrary code could be executed. The AFP server allows Windows computers to access files on a Mac through a network.
Another OS X 10.4 hole in CoreGraphics allowed console users to gain root access that could allow unprivileged users to launch commands.
Lastly, the patch fixes an error that gives users root access if a computer is used as a virtual private network server. The flaw could be exploited remotely through the internet. The same hole affected OS X 10.3.9, but was fixed last May.
Separate patches for OS X 10.3.9 and OS X 10.4.1 are available for download through the Apple Software Update service or online here.
Kicking Palantir off of AWS is among their demands, too
Rafaela Vasquez was watching The Voice at the time of the crash, new evidence shows
PUBG price slashed on Steam after selling more than 50 million copies - as daily player numbers plunge
Use the same password for every website? It might be time to change them all