Security Update 2006-004 released

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred, and any necessary patches or releases are available. To learn more about Apple Product Security, visit the Apple Product Security website.

According to VUnet.com:

Of the patched security holes, 17 could expose the user to an arbitrary code execution.

Four of the remaining vulnerabilities could lead disclosure of confidential information, two could cause an application to crash. A local user in three cases could exploit a flaw to gain additional user rights and in one instance

As always, I recommend waiting at least 72 hours then checking with sites like MacFixIt and Apple's Mac OS X Apple Discussion Forum before installing any software updates. After any initial issues have been addressed, download the update via Software Update. More details are available in knowledge base Article ID: 304063.

Processor and OS specific versions of the update are also available:

• Security Update 2006-004 (10.3.9 Client) [29.5MB]
• Security Update 2006-004 (10.3.9 Server) [42.7MB]
• Security Update 2006-004 Mac OS X 10.4.7 Client (Intel) [8.3MB]
• Security Update 2006-004 Mac OS X 10.4.7 Client (PPC) [5.4MB]