Many of the problems are flaws in the operating system's underlying open-source software, including a critical flaw in the Kerberos authentication system--software that can act as a gatekeeper for computer networks. The patch is available for Mac OS X 10.3.5 and Mac OS X 10.3.4, and also fixes issues in Mac OS X 10.2, known as "Jaguar."
"All security enhancements...are also available for Jaguar, if the issue could occur on Jaguar systems," a security advisory from the company said.
The patch fixes software flaws that could enable an attacker to crash or freeze the Apache 2 Web server, run software by utilizing Apple's Safari Web browser or expose the password store used by the network. Security information provider Secunia/news:link> ranked the Kerberos threat as "highly critical," its second-highest danger rating.
Apple has pointed to open-source software as a source of security for the company's operating system. While open-source projects tend to release patches as soon as possible, Apple and other companies have moved to more occasional releases of collections of patches.
Microsoft releases fixes once a month, a move that database software maker Oracle has started to do this month as well.
Apple's advisory, with details of the update, is available on the company's Web site.
