Peaches Posted March 23, 2011 Report Share Posted March 23, 2011 Massive Security Update Released for Mac OS X March 22nd, 2011, 14:55 GMT| By Lucian ConstantiApple has released the first major security update for Max OS X in 2011, patching crtical vulnerabilities in various components and bundled software.The new Security Update 2011-001 is available for Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6 and Mac OS X Server v10.6 through v10.6.6. In total, there were 54 vulnerabilities patched, including one reported by Charlie Miller and Dion Blazakis, the team that hacked the iPhone 4 at Pwn2Own. It's not clear if this is the same vulnerability they exploited for the iPhone hack, because it was supposed to affect MobileSafari, while this one is located in QuickLook and deals with the handling of Microsoft Office files.A privilege escalation vulnerability was identified and addressed in the Mac OS X kernel, while five arbitrary code execution ones exploitable through malformed images were fixed in the ImageIO component.Four more critical flaws related to font parsing were patched in ATS and an information disclosure bug got fixed in HFS (Hierarchical File System). The update also adds a definition for a piece malware called OSX.OpinionSpy to the File Quarantine component.Third-party software patched by this update includes Apache, ClamAV, Mailman, PHP, Ruby, Samba, Subversion and various libraries. Five QuickTime vulnerabilities, some of which can be exploited over the Web, are also covered. The 2011-001 security update was released at the same time as Mac OS X v10.6.7, a new version of the operating system which includes all of these fixes and many other non-security related enhancements.In order to remain protected users are strongly encouraged to either install the stand-alone security update or upgrade to Mac OS X v10.6.7, although it's worth pointing out that some people have experienced problems after installing the new OS version. http://news.softpedia.com/news/Massive-Security-Update-Released-for-Mac-OS-X-190924.shtml Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.