If exploited, the vulnerabilities could allow remote code execution, denial of service, data exposure, cross-site scripting, privilege escalation, and file deletion.
Apple on Monday released security updates for its Mac OS X and Windows customers that repair vulnerabilities in a number of Mac operating system components, as well as Apple's Safari Web browser and the Flash and Shockwave browser plug-ins.
"Several of these issues are rather serious, so we strongly advise installing these updates at your earliest convenience," said Maarten Van Horenbeeck, an Internet Storm Center handler and a security consultant for Verizon Business, in a blog post.
If exploited, the listed vulnerabilities could allow remote code execution, denial of service, data exposure, cross-site scripting, privilege escalation, and file deletion.
The patched applications for the 10.5.1 update include CF Network, Core Foundation, CUPS, Flash Player Plug-in, Launch Services, perl, python, Quick Look, ruby, Safari, Samba, Shockwave Plug-in, and Spin Tracer.
The 10.4.11 update fixes issues in Address Book, CUPS, ColorSync, Core Foundation, Desktop Services, Flash Player Plug-in, gnutar, iChat, IO Storage Family, Launch Services, Mail, perl, python, ruby, Samba, Safari, Shockwave Plug-in, SMB, Spotlight, tcpdump, and XQuery.
These two updates bring Apple's total number of security fixes this year to 36, some of which have dealt with vulnerabilities in new products like the iPhone and Apple TV. In 2006, Apple released 22 security updates.
Last week, Apple released a fix for its QuickTime media software and for several Java vulnerabilities.
Building A Mobile Business MindsetAmong 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.