dcsimg
 

Apple Plugs OS X Vulnerabilities

Tuesday Aug 10th 2004 by Ryan Naraine

Apple Computer Tuesday rolled out a major security update to fix several vulnerabilities in its flagship Mac OS X Panther client platform.

Apple Computer Tuesday rolled out a major security update to fix several vulnerabilities in its flagship Mac OS X Panther client platform.

The patch, which is rated "highly critical" by security research firm Secunia, addresses security flaws that put Mac OS X users at risk of sensitive data leakage, Denial of Service attacks and system access.

According to an Apple advisory, the Mac OS X 10.3.5 update corrects multiple vulnerabilities in libpng that can be exploited by malicious hackers to compromise a user's system.

The U.S. government's Computer Emergency Readiness Team (US-CERT) has already issued a warning that bugs in libpng, the reference library that supports the Portable Network Graphics (PNG) image format, could allow a remote attacker to commandeer a vulnerable machine.

The upgrade also includes improved support for NTFS formatted volumes; updates for ATI and NVIDIA graphics drivers; updated Mail and Image Capture applications; and improved compatibility for third-party applications, Apple said.

Also patched are specific vulnerabilities in Apple's Safari Web browser. The upgrade plugs a hole that could open the door to phishing attacks and addresses a flaw that could be used by a malicious Web site to steal sensitive information from forms.

This article was originally published on internetnews.com.

Home
Mobile Site | Full Site