Apple has released Security Update 2007-004, which fixes a wide variety of obscure security holes and includes new versions of several open source components of Mac OS X, including fetchmail and ftpd. Of particular interest are fixes to Mac OS X's file sharing client software, the elimination of several bugs identified by the Month of Apple Bugs project, and fixes for holes in the Login Window authentication dialog. Academic users should also note that Security Update 2007-004 addresses three different exploits aimed at the Kerberos secure authentication support in Mac OS X. The update is available in four versions, for Mac OS X 10.4 for PowerPC-based Macs (9.3 MB) and for Intel-based Macs (16.1 MB), and for Mac OS X 10.3.9 Client (37.6 MB) and Server (54.1 MB). Or just let Software Update do the job for you.
Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.