toggle

AAPL Stock: 112.65 ( + 3.24 )

Printed from http://www.macnn.com

Mac OS X security update addresses list of vulnerabilities

updated 05:25 pm EST, Mon November 9, 2009

Security fixes include online content, image files

Apple on Monday released Security Update 2009-006 for Leopard and Snow Leopard operating systems, including Server and Client editions. The update addresses a number of vulnerabilities, including an issue that could have allowed disk images using FAT filesystems to execute arbitrary code. Memory handling has also been improved with DirectoryService to prevent remote attacks.

Other Mac OS X security fixes relate to embedded fonts, NUL characters in SSL certificates, PDF file handling, TIFF images, H.264 files, HTTP headers, QuickTime, Spotlight, and more.

For Mac OS X Server systems, the update addresses a vulnerability that could have allowed attackers to use FTP to create directories on a system and terminate applications or run arbitrary code. The Event Monitor has also been tweaked to prevent remote attackers from connecting to the SSH server and causing denial-of-service issues as log data is processed. The Adaptive Firewall now detects SSH login attempts using invalid user names, helping to protect against brute force or dictionary attacks.

Security Update 2009-006 is available for all systems running Mac OS X 10.5.8 or higher. Apple on Monday also released Mac OS X 10.6.2, which contains many of the same security fixes as the Leopard update. [Client Download - 143MB] [Server Download - 231MB]




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. testudo

    Joined: Dec 1969

    0

    lest we forget

    That gigantic security hole that let OS X run on netbooks....

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...

toggle

Most Commented