Apple Plugs OS X Vulnerabilities Major Security Update Released for 'Highly Critical' Flaws Ryan Naraine
Apple Computer has rolled out a major security update to fix several vulnerabilities in its flagship Mac OS X Panther client platform.
The patch, which is rated "highly critical" by security research firm Secunia, addresses security flaws that put Mac OS X users at risk of sensitive data leakage, Denial of Service (DoS) attacks, and system access.
According to an Apple advisory, the Mac OS X 10.3.5 update corrects multiple vulnerabilities in libpng that can be exploited by malicious hackers to compromise a user's system.
The U.S. government's Computer Emergency Readiness Team (US-CERT) has previously issued a warning that bugs in libpng, the reference library that supports the Portable Network Graphics (PNG) image format, could allow a remote attacker to commandeer a vulnerable machine.
The upgrade also includes improved support for NTFS formatted volumes, updates for ATI and NVIDIA graphics drivers, updated Mail and Image Capture applications, and improved compatibility for third-party applications, Apple said.
Also patched are specific vulnerabilities in Apple's Safari Web browser. The upgrade plugs a hole that could open the door to phishing attacks and addresses a flaw that could be used by a malicious Web site to steal sensitive information from forms.
