NEWS
Apple on Wednesday issued a security update that fixes 18 vulnerabilities including several that put computers running Mac OS X at risk of remote code execution if a maliciously crafted image is viewed.
In addition to fixing a problem with how PNG images are handled, Security Update 2009-003 fixes issues related to ImageIO's handling of OpenEXR images, EXIF metadata, as well as Canon RAW images and images with an embedded ColorSync profile.
The update, which arrives as part of the release of Mac OS X v10.5.8, extends the list of content types the Mac OS X will flag as potentially unsafe when downloaded from the web. It also fixes a problem with how XML content is handled and resolves the way the kernel handles AppleTalk response packets.
Apple also identified and fixed a problem with MobileMe. Signing out of MobileMe does not remove all credentials and a person with access to the local user account could continue to access associated systems.
Comments
There is 1 comment. Join the discussion
1. Gareth Evans
So where are all the comments from outraged commentators about what a disgrace Apple are and how could anyone chose such an insecure platform ? This is what happened to Microsoft every time they fessed up to security problems.
Surely it couldn't be that ALL OSes and browsers have security holes in them but until they had some modicum of success that the bad guys ignored them.