Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

Security Update 2007-005 Released

Send Article to a Friend

Apple has released its fifth Mac OS X security update of 2007 to patch a number of potential vulnerabilities. Security Update 2007-005 makes changes to CoreGraphics, iChat, VPN, BIND, crontabs, PPP, and other components, in most cases correcting problems that require either local user access or access to the Mac via a local network. However, several fixes are more important. An update to BIND prevents a possible remote denial of service attack (but because it reportedly overwrites the BIND launchd plist file, it may both turn BIND off and cause other changes to be lost, a potential problem for Mac OS X Server machines), a new version of fetchmail prevents possible disclosure of passwords, and a fix for CoreGraphics in Mac OS X 10.4 provides additional verification of PDF files to avoid possible crashes when opening maliciously crafted PDFs. The update is available via Software Update or for download in four varieties: for Mac OS X 10.4.9 as Universal (29.2 MB) and PowerPC (15.7 MB) installers; and for Mac OS X 10.3.9 Client (42.5 MB) and Server (56 MB) systems.

 

READERS LIKE YOU! Support TidBITS by becoming a member today!
Check out the perks at <http://tidbits.com/member_benefits.html>
Special thanks to Martin Taylor, d(arter, Paul Schreiber, and Mike for
their generous support!