Mac OS X 10.5.3 closes security holes and fixes various bugs

Apple has done some spring cleaning. Security update 2008-003 and the update to Mac OS X 10.5.3 close a total of 26 security holes. Nine of them could be used to inject arbitrary program code.

The updates close critical holes in AppKit, Apple Pixlet Video, ATS, CoreFoundation, CoreGraphics, Help Viewer, iCal, ImageIO and Mail. In addition, Apple has replaced its Flash player plug-in with a patched version 9.0.124.0.

Users of Mac OS X are advised to download and install the updates as soon as possible. They are currently also being distributed via automatic software update. Users of Mac OS X 10.4 can download Security Update 2008-003, while the update to Mac OS X 10.5.3 remedies the problems under Leopard.

In addition to patching security holes, Apple's update to Mac OS X 10 .5.3 fixes several non-security bugs in addition to improving reliability and performance. In particular, Apple says the WLAN stack has been improved, and flaws in iCal, iChat, Mail, Time Machine and Spaces have also been remedied. In addition, the server update corrects flaws in the file server, directory services, client management, the DHCP server, the DNS server, and mail server. For more information, see the knowledge base entries on the updates.

See also:

• About the security content of Security Update 2008-003 / Mac OS X 10.5.3, overview of the security holes that Apple closed
• About the Mac OS X 10.5.3 Update, overview of the flaws corrected in Mac OS X 10.5.3 Leopard
• About the Mac OS X 10.5.3 Server update, overview of the flaws corrected in the server version of Leopard
• Mac OS X Server 10.5.3 Update (489 MB)
• Mac OS X Server 10.5.3 Combo Update (632 MB)
• Mac OS X 10.5.3 Update (420 MB)
• Mac OS X 10.5.3 Combo Update (536 MB)
• Security Update 2008-003 (Intel) (111 MB)
• Security Update 2008-003 (PPC) (72 MB)
• Security Update 2008-003 Server (Universal) (118 MB)
• Security Update 2008-003 Server (PPC) (89 MB)

(mba)