Apple Patches Safari and Core Mac OS X Components
Information Week reports Apple on Monday released security updates for its Mac OS X and Windows customers that repair vulnerabilities in a number of Mac operating system components, as well as Apple’s Safari Web browser and the Flash and Shockwave browser plug-ins. Mac versions of the Security Update 2007-009 update are available for Mac OS X 10.4.11 and Mac OS X 10.5.1. The Windows version, Safari 3 Beta Update 3.0.4 Security Update, is available for XP and Vista users.
“Several of these issues are rather serious, so we strongly advise installing these updates at your earliest convenience,” said Maarten Van Horenbeeck, an Internet Storm Center handler and a security consultant for Verizon.
If exploited, the listed vulnerabilities could allow remote code execution, denial of service, data exposure, cross-site scripting, privilege escalation, and file deletion.
The patched applications for the 10.5.1 update include CF Network, Core Foundation, CUPS, Flash Player Plug-in, Launch Services, perl, python, Quick Look, ruby, Safari, Samba, Shockwave Plug-in, and Spin Tracer.
