On UrbanBaby: Working Mother Confession
BNET Business Network:
BNET
TechRepublic
ZDNet
129 TalkBacks

By Joris Evers
Posted on ZDNet News: Nov 29, 2006 12:11:00 AM

Apple Computer on Tuesday released a security update for Mac OS X to repair 31 vulnerabilities, including a zero-day Wi-Fi hijack flaw.

Apple's Security Update 2006-007 includes fixes for flaws in Apple's own code as well as third-party components that ship with the Mac OS X operating system, such as Perl, PHP and OpenSSL. Several of the vulnerabilities could allow full system compromises, according to Apple's security alert.

However, Apple's update does not address all publicly known flaws in the operating system. Over the past few weeks bug hunters, as part of an initiative called the Month of the Kernel Bugs, have published details on several new vulnerabilities in Mac OS X. One of those was tagged "highly critical" by security-monitoring company Secunia.

"Apple hasn't fixed any of the bugs published during the Month of Kernel Bugs, except for the AirPort issue," said "LMH," the code name of the security researcher who started the Month of the Kernel Bugs. "Apple users are still exposed to any potential risks related to those unpatched issues."

The security hole in the AirPort driver software affects Macs that shipped with Apple's original AirPort card, Apple said. An attacker nearby the computer could commandeer a vulnerable system by sending it a malicious network packet, according to Apple's alert.

Other flaws addressed by the Apple update could let Macs be compromised through malicious sites, rigged compressed files or malicious font files, Apple said. The update also fixes four flaws in the Mac OS X Security Framework, the worst of which could crash Macs or display expired security certificates as still valid, Apple said.

The Security Update 2006-007 for Mac OS X client and server software is available from the Software Update pane in Mac OS System Preferences, or Apple's downloads Web site. Apple recommends Mac users install it.

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 129 Talkback(s)
Interesting
I never lock my front door. I have never been robbed. Is it because I havbe good security, or is it because I live so far from anyone it isn't worth the drive for the criminal to come walk through my front door and steel my 25 year old TV and my 4 year old laptop?... (Read the rest)
Posted by: kodakmak Posted on: 12/04/06 You are currently: a Guest | | Terms of Use
So much for Apple being prompt ...  ShadeTree | 11/28/06
Might be it's not a big deal  Ken_z | 11/28/06
But that isn't what the zealots say  NonZealot | 11/28/06
RE: Apple Mac OS X patch plugs 31 vulnerabilities  Protagonistic | 11/29/06
Hey now!  toadlife | 11/28/06
700% 5-Year Stock Rally Speaks for Itself  savatar | 11/28/06
When you talk about value it is not ...  ShadeTree | 11/28/06
Stock Market isn't in a Bubble  savatar | 11/29/06
And it still has nothing to do with security.  ShadeTree | 11/29/06
One of the biggest selling points of OSX is security  MacGeek2121 | 11/29/06
bragging about security on an ...  ShadeTree | 11/30/06
How does iPod sales imply Mac/OS X security??? (NT)  3D0G | 11/29/06
Rally has NOTHING to do with the MACs  djalan | 11/30/06
Ohh, stop,  cashaww | 11/29/06
So your arguement is that because ...  ShadeTree | 11/28/06
BillJ  Someguy2 | 11/28/06
And since marketshare doesn't matter...  NonZealot | 11/28/06
Incorrect.  ShadeTree | 11/28/06
Interesting  kodakmak | 12/04/06
More or less...  Fred Fredrickson | 11/28/06
As long as that same standard is applied ...  ShadeTree | 11/28/06
RE: As long as that same standard is applied ...  Protagonistic | 11/29/06
depends.  cashaww | 11/29/06
Apple fixes security flaws regularly  MacGeek2121 | 11/29/06
I agree..  cashaww | 11/29/06
Mac vs PC  Brians673 | 11/29/06
Amen! Mac and PC are equally  fuzzy2k | 11/30/06
As much as I like Windows...  A_Pickle | 11/28/06
It would seem that Linux and OSX suffer from ...  ShadeTree | 11/28/06
Not confused....just happy  Laff | 11/28/06
Once again if you had followed what I said in the ....  ShadeTree | 11/29/06
How does one find a security issue/hole if not for testing?  Laff | 11/29/06
RE: How does one find a security issue/hole if not for testing?  joe6pack_z | 11/29/06
Yuppers read it....  Laff | 11/29/06
Don't confuse people  fuzzy2k | 11/30/06
RE: It would seem that Linux and OSX suffer from ...  Protagonistic | 11/29/06
I think  cashaww | 11/29/06
We won't discuss Microsofts still unfixed Drive-By Spyware Install problem.  BitTwiddler | 11/28/06
Let's discuss it.  ShadeTree | 11/29/06
It's called FUDD and you're spreading it!  MacGeek2121 | 11/29/06
Nah...  Badgered | 11/30/06
Explanation?  fuzzy2k | 11/30/06
Message has been deleted.  Kobashrer | 11/28/06
patch cycle.....  Kobashrer | 11/28/06
So you now speak for ...  ShadeTree | 11/28/06
That reply sounded suspiciously like one I would have made  Scrat | 11/29/06
Kobashrer can speak for me!!  mod71 | 11/29/06
Well I stand corrected ...  ShadeTree | 11/29/06
Don't you have to...  Rick_K | 11/29/06
It is not a double count at all.  ShadeTree | 11/29/06
That's a load of Bull  Rick_K | 11/30/06
Apple Mac OS X patch plugs 31 vulnerabilities  Loverock Davidson | 11/28/06
Re: Done With it  joedokes | 11/28/06
Let me guess  Loverock Davidson | 11/29/06
You don't have a clue!  ShadeTree | 11/29/06
actually  Badgered | 11/29/06
In Fairness..  Sabalo | 11/29/06
Re: Done with it  mbrierley | 11/30/06
Hey Lovey  Shelendrea | 11/29/06
Hi Shelly  Loverock Davidson | 11/29/06
But that  Shelendrea | 11/29/06
Cut and paste  tic swayback | 11/29/06
As many times as I want to  Loverock Davidson | 11/29/06
I just expect better from you  tic swayback | 11/29/06
Not unlike "patch a pc"...  jasonp@... | 11/29/06
RE: Not unlike "patch a pc"  gigabot71 | 11/30/06
Well Superman thought he was invincible too  Carrion | 11/28/06
In the land of warrior giants there was once lived  rpmtl22 | 11/28/06
Hey Mr.Tree........  Kobashrer | 11/28/06
add 1 vote to that  galileon | 11/28/06
I'll second that !  Intellihence | 11/29/06
Sometimes it's what you don't say...  Scrat | 11/29/06
You contradict yourself.  ShadeTree | 11/29/06
Security Shmurity  Sabalo | 11/29/06
Hey NonZealot--  tic swayback | 11/29/06
I believe what he said was you ...  ShadeTree | 11/29/06
By that definition then....  tic swayback | 11/29/06
A very poor attempt at humor.  ShadeTree | 11/29/06
Ah, I see  tic swayback | 11/29/06
Interesting point  Badgered | 11/29/06
Actually...  Rick_K | 11/29/06
You state a new kernel but isn't it in fact ...  ShadeTree | 11/29/06
RE: Actually...  Badgered | 11/29/06
Glad to be of help.  Rick_K | 11/30/06
It is not my definition.  ShadeTree | 11/29/06
Semantics, at best  tic swayback | 11/29/06
So when Mcrosoft doesn't follow a ...  ShadeTree | 11/30/06
Wow, you sure showed him!!!  NonZealot | 11/29/06
You're wrong tic...  MacCanuck | 11/29/06
I must say  Shelendrea | 11/29/06
Hmmm. . . .  999ad@... | 11/29/06
I feel the same way however  Shelendrea | 11/29/06
Point taken, for sure.  999ad@... | 11/29/06
A very sensible approach.  ShadeTree | 11/29/06
OS X = UNIX, expect vulnerabilities and patches  mrs1622 | 11/29/06
I'm with Ken_Z!!!  mod71 | 11/29/06
Apple Software Update already downloaded  turnitup | 11/29/06
OS Vulnerabilities...  Amyisraelchai | 11/29/06
The one I care about... and the one they didn't do...  Resuna | 11/29/06
Pull the advertising  TonyMcS | 11/29/06
Absolutely!  Alber1690 | 11/29/06
The advertising is still correct  Martin Pilkington | 11/29/06
Right on!!  JohnM865 | 11/29/06
I wish they would  Boot_Agnostic | 11/30/06
whats wrong int he advertisments?  doh123 | 11/30/06
31+ bugs for Mac OS versus how many for Windows?  YuridaMan | 11/29/06
Wow, OSX is now bug free??!!  NonZealot | 11/29/06
Stop bashing any OS you bash bashers  Boot_Agnostic | 11/29/06
Bashing  trm1945 | 11/29/06
So you windoz heads should like OSX more now  ralphrides | 11/29/06
Those windoz heads  Boot_Agnostic | 11/30/06
re: So you windoz heads should like OSX more now  deepee912 | 11/30/06
get it right  gigabot71 | 11/30/06
Mac patching and updating is much better than Windows  MacGeek2121 | 11/29/06
You have no idea what you're talking about  darreno1 | 11/29/06
Thanks for the update apple!  hirez | 11/29/06
imagine  hirez | 11/29/06
RE: imagine  gigabot71 | 11/30/06
"every malware writer!" giggle giggle giggle  hirez | 11/30/06
yawn... i dont care much  mdakhirs@... | 11/30/06
Help me with patching please??  mbrierley | 11/30/06
ynnuF  Badgered | 11/30/06
Why must you  fuzzy2k | 11/30/06
What if I never patched my Mac in the last 4 yrs?  Reverend MacFellow | 11/30/06
There ya go... That's the spirit!  Badgered | 11/30/06
Maybe there needs to be some money to win  Boot_Agnostic | 12/01/06
Ever seen an IT dept in a workplace that run Mac?  hirez | 11/30/06
Re: Ever seen an IT dept in a workplace that run Mac?  fuzzy2k | 12/01/06
Not really  Boot_Agnostic | 12/02/06

What do you think?

advertisement
advertisement
Click Here

White Papers, Webcasts, and Downloads