Tuesday, March 18,2008 @ 5:15pm
Major security update fixes AFP, CUPS, more
Apple today unveiled Security Update 2008-002, which provides a number of fixes for several system vulnerabilities found in AFP, CUPS, AppKit, and several other system-level resources. Most of the vulnerabilities revolve around maliciously crafted URLs granting access to system-level privileges, while others allow users to bypass system security. The majority of fixes are for Mac OS X 10.4 Tiger and Tiger Server users, while some apply to the 10.5 Leopard equivalents.
The update also fixes several Denial of Service issues, as well as application termination or unexpected restart/shutdown occurrences. Leopard and Leopard Server authenticated print queues were also addressed, as a certain exploit could lead to a malicious user discovering login information through a vulnerability in communication protocols.