MacUpdate Weekend Sale :This weekend MacUpdate has slashed prices on Painter 12 and Painter Lite. Painter 12 retails for $429, but has been reduced by 54% to $199. Painter Lite has seen a 58% price cut from $69 to $29. Hurry, because these deals are only available until May 19th 2013.      
toggle

AAPL Stock: 433.26 ( -1.32 )

http://www.macnn.com/articles/08/12/15/mac.os.x.1056.security/

Apple patches 21 security flaws in Mac OS X 10.5.6

updated 02:05 pm EST, Mon December 15, 2008

 

Mac OS X 10.5.6 security


Fresh after announcing the general changes in Mac OS X 10.5.6, Apple has posted a list of the security updates present in the new code. The company has for instance addressed several possible Trojan attacks, launched through images, PDF documents, CPIO archives, ISO files and web cookies. Similarly, Apple has expanded the list of potentially unsafe file types which will trigger Mac OS' Download Validation feature.

New arbitrary code executions in the Flash plug-in have been blocked, and two kernel issues have been fixed: one in which a local hacker could gain system privileges, and a second in which running executables linking to dynamic libraries would cause a crash. Three API vulnerabilities have meanwhile been fixed in Libsystem, all of which could allow arbitrary code execution or produce crashes.

Apple has lastly addressed a glitch in which managed screensaver settings would not apply; a denial-of-service attack allowed by Internet Sharing; and an access bypass for the administrative controls of Podcast Producer, found in Mac OS X Server.


by MacNN Staff

Post tools:

TAGS :

 security, Mac OS X, Mac OS X Server, Apple

Related Articles

Recent Articles

toggle

Comments

  1. Guest

    Fresh-Faced Recruit

    Joined: Nov 1999

    +2
    12/15, 02:38pm | report spam | Reply |

    What, no link?

    Here is the link to the security page: http://support.apple.com/kb/HT3338

  1. Mimi-mim

    Fresh-Faced Recruit

    Joined: Aug 2007

    -4
    12/15, 03:52pm | report spam | (1 reply) Reply |

    Why not put it in 10.5.6?

    I don't understand why Apple releases security patches and OS patches at the same time. Why not just put all of the security fixes in the OS patch? Does Apple separate the two because some people with 10.5.5 might not want to upgrade to 10.5.6, but would want the apply security updates? Seems strange to me, because anyone worried about functionality changes in an OS patch would probably also worry about changes in functionality brought about by a security fix.

    Is that what's going, or does Apple maintain separate security and OS updates for some other reason?

  1. galley

    Fresh-Faced Recruit

    Joined: Jun 2006

    +2
    12/15, 04:38pm | report spam | Reply |

    Re: Why not put it in

    The security patches described are indeed part of the OS X 10.5.6 update, based upon what I've read. The separate security update provides the same patches for OS X 10.4. Note in the text of this article: "Apple has posted a list of the security updates present in the new code".

  1. Feathers

    Grizzled Veteran

    Joined: Oct 1999

    +2
    12/15, 04:42pm | report spam | Reply |

    Tiger...Nomadman

    er...10.4.x** is known as Tiger not Leopard!

  1. VinitaBoy

    Fresh-Faced Recruit

    Joined: Oct 2001

    -2
    12/16, 10:08am | report spam | Reply |

    Re: Why not put it in . .

    Why not run your butt out to Cupertino, Mimi-mim, and apply for a job at Apple? Seems to me you've got it all figured out (as do most anonymous, uncredentialed, omniscient, mega-intellects on the web), so I'm sure Steve will snatch you up in a heartbeat.

    Hmm. Something in a Brad Paisley/Jason Alexander music video springs to mind here. You not only LOOK better online, Mimi: you're much SMARTER here as well.

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Brother HL-3170CDW LED Printer

We've mentioned before that we are far from a paperless society. For now, at least, there are tasks that require a piece of paper for ...

HTC One

It is hard to overstate just how critically important the HTC One is to the Taiwanese company’s fortunes. Despite its alarming decline ...

Samsung Galaxy S 4

Samsung's new flagship Android smartphone, the Galaxy S 4, faces even stiffer competition than its popular predecessor. With a five-in ...

toggle

Most Commented

 

Popular News