Security Update 2007-009 fixes 42 Leopard vulnerabilities

Security Update 2007-009 fixes 42 Leopard vulnerabilities

Summary: Security Update 2007-009 (35.4MB) addresses 42 vulnerabilities in first update to Mac OS 10.

SHARE:
TOPICS: Security
2

Security Update 2007-009 (35.4MB) addresses 42 vulnerabilities in first update to Mac OS 10.5.1 (Leopard) and is waiting in your Software Update. According to Apple:

Security Update 2007-009 fixes 42 Leopard vulnerabilitiesSecurity Update 2007-009 is recommended for all users and improves the security of the following components:

Core Foundation CUPS Flash Player Plug-in Launch Services perl python Quick Look ruby Safari Samba Shockwave Plug-in Spin Tracer

 

Apple's security update document (Article 61798) explicitly states that "For the protection of our customers, Apple does not disclose, discuss or confirm security issues until a full investigation has occurred and any necessary patches or releases are available."

In case you're wondering what the update really fixes, Beta Wize Blog breaks it down for us:

  • FNetwork--patch to keep the system from automatically downloading files from malicious Web sites into arbitrary folders.
  • CUPS--fixes for a memory corruption issue in the handling of Internet Printing Protocol tags that could lead to an application crash or arbitrary code execution.
  • Flash Player Plug-in--fixes Adobe vulnerabilities.
  • Launch Services--Keeps the system from opening a maliciously crafted HTML file may lead to information disclosure or cross-site scripting
  • Mail--keeps Leopard from opening an executable mail attachment may lead to arbitrary code execution with no warning.

You can rest the rest over at Beta Wize Blog.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • Good!

    Find the problems, fix them, and move on. Like a big cat in the wild. Find the prey, Kill it, eat it, and move on.
    blackjack861
  • RE: Security Update 2007-009 fixes 42 Leopard vulnerabilities

    Good thing Apple. Now can you update java as fast as Sun release their updates too. Also please update your development tools for the developers like gcc since it is has stuck on version 4.0 for a very long time and the current version of gcc is 4.2.2.
    phatkat