Apple has patched a number of serious security bugs in Mac OS X and OS X Server.
Apple released
advisories and updates last week to address approximately 25 security vulnerabilities in Mac OS X and OS X Server.
Many of the bugs are serious, allowing for privilege escalation and/or remote code execution, although all of these appear to require either local access or some form of user action. For example, consider
CVE-2007-0646: "Opening a help file with a maliciously-crafted name may lead to an unexpected application termination or arbitrary code execution." (This is a leftover from the Month of Apple Bugs in January.)
Possibly more dangerous is CVE-2007-0735: "Visiting malicious websites may lead to an unexpected application termination or arbitrary code execution."
As usual you can download the updates from
the Apple Downloads site or just use the Software Update option in the Apple menu.
Copyright 2007 by Ziff Davis Media, Distributed by United Press International
Related stories:
DNA Barcodes: Are They Always Accurate?
(PhysOrg.com) -- DNA barcoding is a movement to catalog all life on earth by a simple standardized genetic tag, similar to stores labeling products with unique barcodes. The effort promises foolproof food inspection, improved border security and better defenses against disease-causing insects, among many other applications.
Study: DNA barcoding in danger of 'ringing up' wrong species
DNA barcoding is a movement to catalog all life on earth by a simple standardized genetic tag, similar to stores labeling products with unique barcodes. The effort promises foolproof food inspection, improved border security, and better defenses against disease-causing insects, among many other applications.
Critical QuickTime Update Released
Apple has fixed a bad QuickTime security flaw exposed at a recent security conference.
iTunes blocked in China; Tibet album suspected
(AP) -- Customers in China of Apple Inc.'s iTunes online music store were unable to download songs this week, and an activist group said Beijing was trying to block access to a new Tibet-themed album.
iPhones-Macintosh computers become apples of hackers' eyes
Security specialists said Saturday that hackers are taking increasing aim at iPhones and Macintosh computers as the hot-selling Apple devices gain popularity worldwide.
Location spoofing possible with WiFi devices
Apple iPhone and iPod (touch) support a new self-localization feature that uses known locations of wireless access points as well as the device's own ability to detect access points. Now ETH Zurich researchers have demonstrated that positions displayed by the devices using this system can be falsified, making the use of this self-localization system unsuitable in a number of security- and safety-critical applications.
Attack on computer memory reveals vulnerability of widely-used security systems
A team of academic, industry and independent researchers has demonstrated a new class of computer attacks that compromise the contents of “secure” memory systems, particularly in laptops.
Your personality type influences how much self-control you have
A new study from Northwestern introduces personality types used frequently in consumer research to the realm of self-improvement. People are motivated by one of two fundamental needs: they are either “promotion-focused,” seeking products that will help them achieve hopes and aspirations, or they are “prevention-focused,” seeking items that help achieve a need for safety and security. According to the research, people are better able to exercise self-control when they choose goal-pursuit strategies – such as diets or money management – that “fit” with their promotion or prevention focus.