Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Mammoth Apple OS X Update Patches 88 Flaws

Apple, in its most recent Security Update 2010-002 as well as Mac OS X version 10.6.3, patched a whopping 88 security flaws within 43 separate constituents of OS X. The flaws allow malware to infect users of OS X or hijack their computers by inducing them to open a specifically crafted file.

Considered as 'critical,' the Mac OS X v10.6.3 update addresses vulnerabilities, which could allow execution of remote code, disclosure of information, and launching of DOS attacks. At times, an attacker could even take total control of a Mac system via making the user to just see a malevolent movie or image file.

The flaws addressed with the update exist in QuickTime, AppKit, CoreTypes, CoreMedia, Image RAW, Image10 and DiskImages. It also addresses the cavities within various open source constituents such as ClamAV, Apache, PHP and MySQL.

Aside this, Apple also patched a flaw in CoreAudio that is related to a problem of memory distortion while handling audio content encoded with QDM2. If users play a malevolently crafted audio piece, it could result in a sudden termination of software or running of malicious code. Apple addresses this problem via better bounds checking.

Furthermore, there existed certain flaw in Wiki Server as well. If a hacker successfully uploaded an especially crafted applet and also tricked a user of Wiki Server into seeing it, a remote hacker could acquire sensitive information. To address the issue, an authentication cookie of one-time employment is needed that is used merely to pull down one particular attachment. The problem solely affects Mac OS X Server machines, while leaves versions 10.6 and later unaffected.

Regarding the released updates, security specialists stated that Apple taking long for setting updates isn't unusual. However, the current update is quite different. One vulnerability among the many covered is CVE-2003-0063 within the X11 constituent. That vulnerability was revealed in February 2003. Yet another security hole within the iChat Server was disclosed back in 2006. Nine more were disclosed in 2008 and thirty in the year 2009. Of all the problems detected, 27 are considered to be potential enough to cause execution of remote code, the specialists added.

Related article: Month Of Apple Bugs Kicks Off

» SPAMfighter News - 4/7/2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Press Releases - IT Security News

Go back to previous page
Next
-->

Products

SPAMfighter
SLOW-PCfighter
FULL-DISKfighter
DRIVERfighter
VIRUSfighter
SPYWAREfighter
Anti spam / Anti virus business solutions

About

Company
Contact us
Press room
Support
Blog
Sign up for newsletters

Partnerships

Become a partner
Become a reseller
Find a reseller
Become an affiliate
White Label Software

Social media

Facebook
Twitter
Youtube
LinkedIn
© SPAMfighter 2003-2024    All rights reserved.    Privacy Statement    Sitemap