|Network Security Consulting SecurityFocus Article
Apple Wraps Up 21 Flaws For Holidays
Apple released an update to its Mac OS X operating system on Monday, closing 21 security holes in various components, including the software's kernel, core services and the Adobe Flash Player plug-in.
The patch, which upgrades the operating system to version 10.5.6, fixes at least a half dozen vulnerabilities that could allow remote-execution attacks. The fix for the Flash Player closed seven security holes, forcing users to patch issues that Adobe fixed a month ago. One of two kernel issues fixes a critical flaw that could allow remote attacks, and a vulnerability in the operating system's Core Graphics library could enable an attack via specially-crafted images.
In October, Apple fixed at least 40 vulnerabilities in its operating system, but mainly closed holes in the open-source components.
The latest update also fixes a number of non-security issues, including problems with the iChat messaging software, Mail e-mail program, and printing and networking issues. Apple describes these fixes on its Web site.
If you have tips or insights on this topic, please contact SecurityFocus.
Posted by: Robert Lemos