Apple Fixes 15 Flaws, Updates Mac OS X To 10.4.8 - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News
News
9/29/2006
08:10 PM
50%
50%

Apple Fixes 15 Flaws, Updates Mac OS X To 10.4.8

Four of the bugs are in Flash, the Adobe-sold animation player bundled with Mac OS X.

Apple Computer Inc. on Friday updated Mac OS X 10.4 to patch 15 vulnerabilities in the operating system and bundled software that can let attackers run malicious code, crash the computer, or gain unauthorized access to the machine.

According to the alert that Apple released alongside the update, more than half of the fixed flaws can lead to "arbitrary code execution." In plain English, that means a hacker could hijack the Mac and install his own software on the system. Four of the bugs are in Flash, the Adobe-sold animation player bundled with Mac OS X.

A vulnerability in Safari, Apple's Web browser, could let malicious sites pose as trustworthy URLs with SSL (Secure Sockets Layer) indicators, said the alert, while in another, a specially-crafted JPEG2000 image could be used to trigger a buffer overflow to compromise the computer.

One of the more dangerous vulnerabilities outlined by Apple is a memory management error in WebKit's handling of certain HTML. Simply viewing a malicious Web site could result in a hacked Mac. WebKit is Apple's version of the open-source browser engine used by Safari and other OS X components, including Mail and the Dashboard.

The Friday update is the first OS-wide security fix in nearly two months, although other components, including Apple's own QuickTime, have been patched since then.

The update -- as well as a similar security update for users of Mac OS X 10.3 (Panther) that includes only 8 patches -- can be downloaded from the Apple Web site, or retrieved using the operating system's own auto update tool.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Slideshows
What Digital Transformation Is (And Isn't)
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/4/2019
Commentary
Watch Out for New Barriers to Faster Software Development
Lisa Morgan, Freelance Writer,  12/3/2019
Commentary
If DevOps Is So Awesome, Why Is Your Initiative Failing?
Guest Commentary, Guest Commentary,  12/2/2019
Register for InformationWeek Newsletters
Video
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll