Apple today released a monster update to provide belated cover for at least 41 security holes in its flagship Mac operating system.
With Security Update 2007-008 and Mac OS X v10.4.11, Apple patches multiple "highly critical" flaws that could cause unexpected system shutdowns, drive-by-malware downloads and remote code execution attacks.
The company also shipped a new version of Safari for Windows (beta) to patch 10 browser vulnerabilities affecting Windows XP and Vista users.
Some of the most serious vulnerabilities include:
CVE-2007-4691: A case-sensitivity issue exists in NSURL when determining if a URL references the local file system. This may cause a caller of the API to make incorrect security decisions, potentially leading to the execution of files on the local system or network volumes without appropriate warnings.
CVE-2007-4689: A double-free issue exists in the handling of certain IPV6 packets, which may lead to an unexpected system shutdown or arbitrary code execution with system privileges.
CVE-2007-4690: A double free issue in NFS may be triggered when processing an AUTH_UNIX RPC call. By sending a maliciously crafted AUTH_UNIX RPC call via TCP or UDP, a remote attacker may cause an unexpected system shutdown or arbitrary code execution.
CVE-2007-4681: A one byte buffer overflow may occur in CoreFoundation when listing the contents of a directory. By enticing a user to read a maliciously crafted directory hierarchy, an attacker may cause an unexpected application termination or arbitrary code execution.
CVE-2007-4682: An uninitialized object pointer vulnerability exists in the handling of text content. By enticing a user to view maliciously crafted text content, an attacker may cause an unexpected application termination or arbitrary code execution.
The Mac OS X update also fixes a denial-of-service bug in AppleRAID, a cache-poisoning issue in ISC BIND 9, multiple race conditions in bzip2, an implementation issue in CFFTP, several CFNetwork vulnerabilities, a code execution hole in the Flash Player Plug-in, a pair of Kerberos code execution issues and several kernel vulnerabilities.
The Safari 3 Beta patch is also a high-priority update that fixes code execution holes in the browser. It is available for Windows XP and Vista.