Apple Patches 67 Bugs In Mac Os X

[Peaches]

Apple patches 67 bugs in Mac OS X

Update fixes hack exploited at Pwn2Own contest

Gregg Keizer

"Apple has released a security update that patches 67 vulnerabilities in Mac OS X.

"Security Update 2009-002, which was bundled with the upgrade for Leopard to Mac OS X 10.5.7, and available separately for users of Tiger, plugged holes in BIND, CoreGraphics, Disk Images, Flash Player, iChat, Kerberos, QuickDraw Manager, Safari, Spotlight, WebKit and other bits and pieces of the operating system.

"For Apple, updates this size are now becoming the norm," said Andrew Storms, director of security operations at nCircle Network Security.

More than a third of the vulnerabilities - 26 of the 67 - were labeled with Apple's 'arbitrary code execution' description, meaning the flaws are critical in nature and could be exploited to hijack a Mac. Unlike many other vendors, such as Microsoft, Apple does not assign a threat ranking to the bugs it discloses.

Over half of the bugs were in open-source components or applications that Apple integrates with Mac OS X, including the Apache web server and the WebKit browser rendering engine that powers Safari."

PC Advisor for more details - http://www.pcadvisor.co.uk/securityadvisor...d=115746&sa