Apple pumps out 30 security fixes

Apple has fixed 30 vulnerabilities in 22 applications for Mac OS X on the day when administrators can normally expect a raft of fixes from Microsoft. 

The second Tuesday of the month is known for security fixes from Microsoft, but this month's 'Patch Tuesday' is solely the domain of Apple.

Fourteen of the patched Apple vulnerabilities could lead to remote code execution, while most of the others allowed privilege elevation or caused application crashes.

Among the most potentially serious is a flaw in Apple's Disk Images that could allow an attacker to remotely execute malware by way of a specially crafted web page.

The vulnerability was disclosed during January's Month of Apple Bugs project and was classified by security company Secunia as 'highly critical', the company's second-highest alert level. 

Other Mac OS X components receiving fixes for remote code execution vulnerabilities include the Mac OS X kernel, the AppleTalk networking component, and the QuickDraw image processing software.

For users with Mac OS X 10.4 and later, the security fixes are part of a larger Mac OS 10.4.9 update. Users running Mac OS X 10.3 can download the fixes under the name Security Update 2007-003.

Both versions are available through Apple's Software Update system component.

The update is the third security fix issued by Apple this year, and largest single security update since May 2006 when the company released 31 patches. 

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!