Update for Mac OS X closes a host of security holes
Apple has released its OS updates close on the heels of Microsoft's patchday. As well as closing numerous security holes in Mac OS X 10.4 and 10.3.9, the updates also include general bug fixes and new versions of installed programs such as Safari 3.
Eight of the security vulnerabilities allow intruders to infiltrate and execute malicious program code via manipulated websites, files or network packets. Affected components include the Flash Player plugin, CoreFoundation, CoreText, IPv6, the NFS Server, NSURL as well as Safari and the WebCore. Another seven vulnerabilities allow local users to force the system to shut down or permit them to extend their rights within the system. Apple mentions the components AppleRAID, the kernel, AppleTalk and SecurityAgent in this respect. Apple lists a total of 39 bugs in system components and in third-party software that have been fixed by the update. Most of these could lead to intruders obtaining or manipulating sensitive data.
Updates are available for the Mac OS X 10.3.9 and server versions as well as for Mac OS X 10.4 up to and including 10.4.10 and their respective server versions. These are being supplied via automatic updates but can also be downloaded directly from Apple. Users are advised to apply the updates as quickly as possible.
- About the security content of Mac OS X 10.4.11 and Security Update 2007-008, overview of the security holes closed by Apple
- About the Mac OS X 10.4.11 Update, overview of the programs and functions updated by Apple
- Download update for Mac OS X 10.3.9 client (49 MB)
- Download update for Mac OS X 10.3.9 Server (63.4 MB)
- Download combo update to Mac OS X 10.4.11 Client for Intel processors (321.5 MB)
- Download combo update to Mac OS X 10.4.11 Client for PowerPC processors (180.8 MB)
- Download update to Mac OS X 10.4.10 Client for Intel processors (128 MB)
- Download update to Mac OS X 10.4.10 Client for PowerPC processors (67.9 MB)
- Download combo update to Mac OS X 10.4.11 Server with universal binaries (425 MB)
- Download combo update to Mac OS X 10.4.11 Server for PowerPC processors (242 MB)
- Download update to Mac OS X 10.4.10 Client for PowerPC processors (109 MB)