If exploited, the vulnerabilities could allow remote code execution, denial of service, data exposure, cross-site scripting, privilege escalation, and file deletion.
Apple on Monday released security updates for its Mac OS X and Windows customers that repair vulnerabilities in a number of Mac operating system components, as well as Apple's Safari Web browser and the Flash and Shockwave browser plug-ins.
"Several of these issues are rather serious, so we strongly advise installing these updates at your earliest convenience," said Maarten Van Horenbeeck, an Internet Storm Center handler and a security consultant for Verizon Business, in a blog post.
If exploited, the listed vulnerabilities could allow remote code execution, denial of service, data exposure, cross-site scripting, privilege escalation, and file deletion.
The patched applications for the 10.5.1 update include CF Network, Core Foundation, CUPS, Flash Player Plug-in, Launch Services, perl, python, Quick Look, ruby, Safari, Samba, Shockwave Plug-in, and Spin Tracer.
The 10.4.11 update fixes issues in Address Book, CUPS, ColorSync, Core Foundation, Desktop Services, Flash Player Plug-in, gnutar, iChat, IO Storage Family, Launch Services, Mail, perl, python, ruby, Samba, Safari, Shockwave Plug-in, SMB, Spotlight, tcpdump, and XQuery.
These two updates bring Apple's total number of security fixes this year to 36, some of which have dealt with vulnerabilities in new products like the iPhone and Apple TV. In 2006, Apple released 22 security updates.
Last week, Apple released a fix for its QuickTime media software and for several Java vulnerabilities.
Building A Mobile Business MindsetAmong 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.
InformationWeek Must Reads Oct. 21, 2014InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.