Apple Patches 31 Mac OS X Bugs - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Enterprise Applications
News
11/29/2006
01:01 PM
50%
50%

Apple Patches 31 Mac OS X Bugs

Unlike Microsoft and other vendors, Apple doesn't rank or rate the vulnerabilities it patches, but about two-thirds of the bugs could result in an attacker hijacking an unpatched Mac.

Apple Computer on Tuesday updated its Mac OS X operating system to patch 31 vulnerabilities, including a wireless bug that went public Nov. 1 as the first flaw in a month-long disclosure campaign.

The security update, Apple's seventh of the year, fixes flaws in its own operating system code as well as in several third-party applications and components bundled with Mac OS X. Among the former are three bugs in the OS's font rendering system and four in its security framework. Third-party problems range from a bug in the ClamAV antivirus protection included with the server edition of Mac OS X to a flaw in Samba, an open-source file- and print-sharing system of services for Microsoft Windows.

Unlike Microsoft and other vendors, Apple doesn't rank or rate the vulnerabilities it patches. But about two-thirds of the bugs could result in what Apple called "arbitrary code execution," which means an attacker could, with a working exploit, completely compromise and hijack an unpatched Mac.

A fix for the Airport wireless driver in a number of older Mac machines—eMac, iBook, iMac, PowerBook G3, PowerBook G4, and Power Mac G4 systems—was one of the most prominent, as it led off the well-publicized "Month of Kernel Bugs" campaign. In September, Apple patched several other wireless vulnerabilities after an internal audit prompted by news the previous month that researchers had uncovered flaws in the company's wireless software.

Eight other Mac OS X vulnerabilities disclosed by the bug-a-day project weren't patched by the Tuesday update. At least one has been labeled as "highly critical" by Danish vulnerability tracker Secunia.

Security Update 2006-007 is available in versions for Mac OS X clients and servers in separate editions for Intel- and PowerPC-equipped systems. The 11-Mbyte to 46-Mbyte update can be retrieved via Mac OS X's integrated software update feature or downloaded manually from the Apple site.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Commentary
Get Your Enterprise Ready for 5G
Mary E. Shacklett, Mary E. Shacklett,  1/14/2020
Commentary
Modern App Dev: An Enterprise Guide
Cathleen Gagne, Managing Editor, InformationWeek,  1/5/2020
Slideshows
9 Ways to Improve IT and Operational Efficiencies in 2020
Cynthia Harvey, Freelance Journalist, InformationWeek,  1/2/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
Slideshows
Flash Poll