WirelessExaminer.com
Apple has released Mac update 2008-002 OS X for server and desktop versions of Tiger and Leopard.
  Latest News  Cell Phone  Internet  Network  Security  Technology  

Apple Mac OS X Security Update
Apple has released security Mac update 2008-002 OS X for server and desktop versions of Tiger and Leopard. About half of the vulnerabilities repaired are in open source applications, including Apache (10 advisories), Clam AV (9 advisories), MIT Kerberos 5 (4 advisories), and PHP (10 advisories). The other half were found in applications or components.

Apple has released security Mac update 2008-002 OS X for server and desktop versions of Tiger and Leopard. Most of the OS X flaws in question create the usual software hazards, such as buffer overruns and the essential ability to inject malicious code into an un-patched system.

Apple has released security Mac update 2008-002 OS X for server and desktop versions of Tiger and Leopard. About half of the vulnerabilities repaired are in open source applications, including Apache (10 advisories), Clam AV (9 advisories), MIT Kerberos 5 (4 advisories), and PHP (10 advisories). The other half were found in applications or components.

By: asdfa
Mar 19, 2008 20:42 PM GMT

Apple Mac OS X Security Update

Apple has released security update 2008-002 for Mac OS X for server and desktop versions of Tiger and Leopard.

Apple has pushed out several security updates this week starting with the Safari browser, and now it's OS X. The security updates, 2008-002, fixes more than 93 vulnerabilities in nearly every major component of its operating system and supporting software.

The Apple updates are available for server and desktop versions of Mac OS X Tiger (10.4. x) and Leopard (10.5.x). Mac users can grab the updates via the built-in Software Update feature. Safari for Windows users should run the bundled Apple Software Update program to grab the latest version.

If you include the Safari update, Apple has fixed at least 93 security vulnerabilities this week alone. However, most of the fixes for OS X versions are for third-party applications.

Most of the OS X flaws in question create the usual software hazards, such as buffer overruns and the essential ability to inject malicious code into an un-patched system.

While Apple doesn't characterize the vulnerabilities by severity, a significant number of them could allow a remote attacker to execute arbitrary code on the affected system. One of the more interesting fixes involves a cross-realm authentication issue with AFP Server. In this flaw, attackers may be able to create unauthorized connections to the server.

About half of the vulnerabilities repaired by Apple are in open source applications, including Apache (10 advisories), Clam AV (9 advisories), MIT Kerberos 5 (4 advisories), and PHP (10 advisories). The other half were found in Apple applications or components.

The affected software includes AFP Client, AFP Server, Apache, AppKit, Application Firewall, CFNetwork, ClamAV, CoreFoundation, CUPS, curl, Emacs, file, Foundation, Help Viewer, Image Raw, Kerberos, libc, mDNSResponder, notifyd, OpenSSH, pax archive utility, PHP, Podcast Producer, Preview, Printing, System Configuration, UDF, Wiki Server, and X11.

Filed Under: Apple News - Security News