Apple Releases Security Update 2005-007 -- Apple Computer today released Security Update 2005-007 for both client and server versions of Mac OS X 10.3.9 Panther and Mac OS X 10.4.2 Tiger. The update includes a number of patches to Apple software (such as Mail, Safari, under-the-hood technologies like the Quartz and CoreFoundation frameworks, and, in Mac OS X Server 10.4.2, the Server Admin tool used to create firewall policies). Apple also patched components of Mac OS X's Unix underpinnings, including OpenSSL, the X11 windowing system, Apache 2, CUPS, Kerberos, and zlib. Apple recommends all Mac users install this update since it addresses several security problems which could, in theory, enable a remote attacker to access data on the computer, create user accounts, execute arbitrary programs, or let URLs bypass Mac OS X's built-in security check when clicked. The update is available from Apple via Software Update and at the first URL below; the download ranges from 13.3 MB to 29.9 MB, depending which version of Mac OS X you need to update. Apple details the changes included in Security Update 2005-007 at the second URL below. [GD]
Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.