Apple corrects 10 security flaws

By Derek Sooman on
Apple has from Friday released updates to its Mac OS X operating system that address 10 security flaws. These range in severity, however the most serious of the flaws could put users at risk of code-execution attacks.

Security alerts aggregator Secunia Inc. rates the latest patch as "highly critical" and warned that malicious hackers could bypass security settings to launch cross-site scripting, system disclosure, privilege escalation and system access attacks.
According the Apple, one of the most serious of the flaws could allow a buffer overflow in ImageIO using a specially crafted GIF (Graphics Interchange Format) files, resulting in the execution of arbitrary code. Another flaw, which exists in the Safari browser, is an issue where maliciously crafted Web archives could allow cross-site scripting.

"It is possible to view web archives served from remote sites in Safari," Apple explained. "Maliciously crafted web archives may be rendered as content from sites that did not serve them. This update prevents remote Web archives from being loaded."
Users of the operating system can download and install the security update via the operating system's "Software Update" preferences.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.