Apple plugs 'critical' holes in OS X - News - Security

To print: Select File and then Print from your browser's menu

--------------------------------------------------------------
This story was printed from ZDNet Australia.
--------------------------------------------------------------

Apple plugs 'critical' holes in OS X

By Alorie Gilbert, CNET News.com
September 26, 2005
URL: http://www.zdnet.com.au/news/security/soa/Apple-plugs-critical-holes-in-OS-X/0,130061744,139214263,00.htm

Apple Computer released 10 security fixes to address Mac OS X flaws that security experts described as 'critical.'

Apple issued the patches, available through its Web site, on Thursday. The flaws affect versions 10.3.9 and 10.4.2 of the Mac OS X operating system, as well as related server software.

Symantec and the French Security Incident Response Team both said the vulnerabilities are serious and that the need to patch them is urgent. However, no exploits for them have been reported, Symantec noted in an alert sent to members of its DeepSight service on Friday.

The flaws expose affected machines to remote attack using arbitrary commands and e-mail interception, according to Apple's bulletin. Certain vulnerabilities could also be exploited for a denial-of-service attack, FrSirt said in an online advisory.

Apple declined to comment on the security patches on Friday.

The company has previously released patches for these Mac OS X versions. In one of its bigger security updates, the company last month unloaded fixes for 44 flaws. Last May, it released an update for 20 vulnerabilities, and in March, it distributed an update for a dozen security bugs.