Apple has released a security update that fixes 11 vulnerabilities in the OS X operating system. The patched vulnerabilities include holes in both OS X Panther 10.3 and OS X Tiger 10.4.
While most of the repairs target arbitrary vulnerabilities, such as a way to circumvent a check for unsafe file formats by changing a file name, others represent more serious holes that could allow buffer overflow attacks or give hackers root access.
Another hole affecting both versions of the operating system was caused by multiple flaws in the PHP scripting language. The vulnerabilities could allow for remote denial of service attacks and the execution of arbitrary code.
The update also plugs some holes unique to OS X 10.4, including a vulnerability in the AFP server that was susceptible to a buffer overflow attack after which arbitrary code could be executed. The AFP server allows Windows computers to access files on a Mac through a network.
Another OS X 10.4 hole in CoreGraphics allowed console users to gain root access that could allow unprivileged users to launch commands.
Lastly, the patch fixes an error that gives users root access if a computer is used as a virtual private network server. The flaw could be exploited remotely through the internet. The same hole affected OS X 10.3.9, but was fixed last May.
Separate patches for OS X 10.3.9 and OS X 10.4.1 are available for download through the Apple Software Update service or online here.
Some parts of Atacama have not received rainfall for 500 years - but a sudden deluge of water upset the Desert's delicate biological balance
Spitzer Space Telescope could not spot Oumuamua, suggesting that it is actually pretty small
Greenland crater one of the 25 largest impact craters on Earth
This long-sought progenitor star was identified in an image captured by Hubble in 2007