dcsimg

Apple Plugs OS X Vulnerabilities

By Ryan Naraine (Send Email)
Posted Aug 10, 2004


Apple Computer Tuesday rolled out a major security update to fix several vulnerabilities in its flagship Mac OS X Panther client platform.

Apple Computer Tuesday rolled out a major security update to fix several vulnerabilities in its flagship Mac OS X Panther client platform.

The patch, which is rated "highly critical" by security research firm Secunia, addresses security flaws that put Mac OS X users at risk of sensitive data leakage, Denial of Service attacks and system access.

According to an Apple advisory, the Mac OS X 10.3.5 update corrects multiple vulnerabilities in libpng that can be exploited by malicious hackers to compromise a user's system.

The U.S. government's Computer Emergency Readiness Team (US-CERT) has already issued a warning that bugs in libpng, the reference library that supports the Portable Network Graphics (PNG) image format, could allow a remote attacker to commandeer a vulnerable machine.

The upgrade also includes improved support for NTFS formatted volumes; updates for ATI and NVIDIA graphics drivers; updated Mail and Image Capture applications; and improved compatibility for third-party applications, Apple said.

Also patched are specific vulnerabilities in Apple's Safari Web browser. The upgrade plugs a hole that could open the door to phishing attacks and addresses a flaw that could be used by a malicious Web site to steal sensitive information from forms.

This article was originally published on internetnews.com.

Page 1 of 1


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.