Apple patches 58 vulnerabilities for Mac OS X and Snow Leopard
Apple has issued a fix for 58 vulnerabilities in its Mac OS X operating system.
Among the updates is an upgrade to version 10.6.2 of Mac OS X Snow Leopard to fix a number of ‘stability and compatibility' update for users. This includes a fix for a bug that deleted user data when a guest account was used, which caused uproar among users last month.
Security Update 2009-006 has also been released for users of Mac OS X 10.5.8 who have not yet upgraded to Snow Leopard. Among the patches is four fixes for QuickTime, which cover a memory corruption issue and a heap buffer overflow in the handling of H.264 movie files, and buffer overflows in QuickTime's handling of MPEG-4 video files and FlashPix files.
Mac users can update their computers via the regular Software Update process, or download a patch directly from Apple Downloads.
Graham Cluley, senior technology consultant at Sophos, said: “It can't be emphasised strongly enough the importance of keeping your computer patched. Even though there are many more attacks against Windows users than Mac OS X users, that does not mean that Apple fans are completely ignored by the hacking and cybercriminal community.
“It is extremely critical that all computer users take their computer security seriously, or risk having their systems and data breached. Of course you would be wise, before rolling out patches like this to a large number of computers, to test it out on a select number first - just in case there are any incompatibility issues.”
Andrew Clarke, senior vice president of Lumension, commented: "The Apple patches are a not so subtle reminder that patching is no longer just a Microsoft only issue. The Apple 10.6.2 update addresses 43 specific issues related directly to 54 CVE cataloged security issues, 22 of which potentially allow a bad guy to execute arbitrary code and yes, some remotely."