Apple Patches 31 Mac OS X Bugs - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Software // Enterprise Applications
01:01 PM

Apple Patches 31 Mac OS X Bugs

Unlike Microsoft and other vendors, Apple doesn't rank or rate the vulnerabilities it patches, but about two-thirds of the bugs could result in an attacker hijacking an unpatched Mac.

Apple Computer on Tuesday updated its Mac OS X operating system to patch 31 vulnerabilities, including a wireless bug that went public Nov. 1 as the first flaw in a month-long disclosure campaign.

The security update, Apple's seventh of the year, fixes flaws in its own operating system code as well as in several third-party applications and components bundled with Mac OS X. Among the former are three bugs in the OS's font rendering system and four in its security framework. Third-party problems range from a bug in the ClamAV antivirus protection included with the server edition of Mac OS X to a flaw in Samba, an open-source file- and print-sharing system of services for Microsoft Windows.

Unlike Microsoft and other vendors, Apple doesn't rank or rate the vulnerabilities it patches. But about two-thirds of the bugs could result in what Apple called "arbitrary code execution," which means an attacker could, with a working exploit, completely compromise and hijack an unpatched Mac.

A fix for the Airport wireless driver in a number of older Mac machines—eMac, iBook, iMac, PowerBook G3, PowerBook G4, and Power Mac G4 systems—was one of the most prominent, as it led off the well-publicized "Month of Kernel Bugs" campaign. In September, Apple patched several other wireless vulnerabilities after an internal audit prompted by news the previous month that researchers had uncovered flaws in the company's wireless software.

Eight other Mac OS X vulnerabilities disclosed by the bug-a-day project weren't patched by the Tuesday update. At least one has been labeled as "highly critical" by Danish vulnerability tracker Secunia.

Security Update 2006-007 is available in versions for Mac OS X clients and servers in separate editions for Intel- and PowerPC-equipped systems. The 11-Mbyte to 46-Mbyte update can be retrieved via Mac OS X's integrated software update feature or downloaded manually from the Apple site.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
10 Ways to Transition Traditional IT Talent to Cloud Talent
Lisa Morgan, Freelance Writer,  11/23/2020
What Comes Next for the COVID-19 Computing Consortium
Joao-Pierre S. Ruth, Senior Writer,  11/24/2020
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
White Papers
Register for InformationWeek Newsletters
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
Flash Poll