Security Update 2007-009 fixes 42 Leopard vulnerabilities

Security Update 2007-009 (35.4MB) addresses 42 vulnerabilities in first update to Mac OS 10.

Security Update 2007-009 (35.4MB) addresses 42 vulnerabilities in first update to Mac OS 10.5.1 (Leopard) and is waiting in your Software Update. According to Apple:

Security Update 2007-009 fixes 42 Leopard vulnerabilities
Security Update 2007-009 is recommended for all users and improves the security of the following components:

Core Foundation CUPS Flash Player Plug-in Launch Services perl python Quick Look ruby Safari Samba Shockwave Plug-in Spin Tracer

 

Apple's security update document (Article 61798) explicitly states that "For the protection of our customers, Apple does not disclose, discuss or confirm security issues until a full investigation has occurred and any necessary patches or releases are available."

In case you're wondering what the update really fixes, Beta Wize Blog breaks it down for us:

  • FNetwork--patch to keep the system from automatically downloading files from malicious Web sites into arbitrary folders.
  • CUPS--fixes for a memory corruption issue in the handling of Internet Printing Protocol tags that could lead to an application crash or arbitrary code execution.
  • Flash Player Plug-in--fixes Adobe vulnerabilities.
  • Launch Services--Keeps the system from opening a maliciously crafted HTML file may lead to information disclosure or cross-site scripting
  • Mail--keeps Leopard from opening an executable mail attachment may lead to arbitrary code execution with no warning.

You can rest the rest over at Beta Wize Blog.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All