Apple fixed 31 vulnerabilities in the seventh Mac OS X security update of the year, including a fix for a dangerous wireless driver flaw that could lead to arbitrary code execution.
That particular memory corruption vulnerability in the AirPort driver used in popular Macintosh laptops such as iBook and PowerBook, was reported by H.D. Moore as part of November's Month of Kernel Bugs project, an initiative kicked off by a security researcher using the handle LHM.
Mitchell Ashley, StillSecure CTO, told SCMagazine.com today said he thinks the driver flaw is the most significant fix because many Mac users rely on wireless connectivity.
The security update also corrects flaws in the Apple Type Services (ATS) server, the open-source ClamAV anti-virus toolkit and the CFNetwork framework. Vulnerabilities also were corrected in OS X's underlying open-source components, including OpenSSL, PERL (Practical Extraction and Reporting Language) and PHP (PHP Hypertext Preprocessor).
Vulnerability assessment firm Secunia rated the update "highly critical," with many of the 31 vulnerabilities remotely exploitable.
He said recent advertisements that market Macs as inherently more secure that Windows could backfire.
"I think the Apple community still believes they work with the most secure operating system, and I think it's time to realize that you have to take every operating system seriously and not be complacent about security," Ashley said.
He added that he would not be surprised if Apple began pushing out monthly updates as does Microsoft.
An Apple spokesperson could not be reached for comment today.
Click here to email Dan Kaplan.