Apple security update fixes 46 bugs
Apple has released security update 2008-002 which fixes 46 vulnerabilities in Mac OS X and third party programs included with it. Twenty five of the vulnerabilities allow attackers to inject malicious code.
The update fixes vulnerabilities in AFP Client and AFP Server, Appkit, Application Firewall, CFNetwork, CoreFoundation, CoreServices, Foundation, Help Viewer, Image Raw, libc, Podcast Producer, Preview, printing, system configuration and UDF. Apple has also included updated software from third parties, previous versions of which in some cases contained critical vulnerabilities. These include Apache, ClamAV, CUPS, curl, Emacs, file, Kerberos, mDNSResponder, notifyd, OpenSSH, pax, PHP, Wiki Server and X11.
The Safari update released yesterday also fixes 13 security vulnerabilities, at least one of which could be exploited to inject and execute malicious code. The updates will be available via the automatic update system. Since the updates plug numerous critical holes, they should be installed as soon as possible.
- About Security Update 2008-002, security advisory from Apple
- About the security content of Safari 3.1, security advisory from Apple