Apple Releases Mega Patch
Apple Computer late Tuesday released an update to fix a whopping 20 security flaws in its flagship Mac OS X and warned that the most serious bugs could lead to remote code execution attacks.
Apple Computer Inc.'s Security Update 2005-005 includes patches for Mac OS X v10.3.9 and Mac OS X Server v10.3.9. It covers a wide range of vulnerabilities that could be exploited by remote or local attackers to execute arbitrary commands, trigger a denial-of-service condition or obtain elevated privileges.
The mega update comes just two weeks after the Cupertino, Calif.-based computer maker shipped patches for a range of potentially serious kernel and browser flaws. Since April 18, Apple has posted fixes for 28 Mac OS X vulnerabilities.
The latest update includes fixes for a buffer overflow in the Apache htdigest program and an integer overflow in the handling of TIFF files that could permit arbitrary code execution.