Apple has released its fifth Mac OS X security update of 2007 to patch a number of potential vulnerabilities. Security Update 2007-005 makes changes to CoreGraphics, iChat, VPN, BIND, crontabs, PPP, and other components, in most cases correcting problems that require either local user access or access to the Mac via a local network. However, several fixes are more important. An update to BIND prevents a possible remote denial of service attack (but because it reportedly overwrites the BIND launchd plist file, it may both turn BIND off and cause other changes to be lost, a potential problem for Mac OS X Server machines), a new version of fetchmail prevents possible disclosure of passwords, and a fix for CoreGraphics in Mac OS X 10.4 provides additional verification of PDF files to avoid possible crashes when opening maliciously crafted PDFs. The update is available via Software Update or for download in four varieties: for Mac OS X 10.4.9 as Universal (29.2 MB) and PowerPC (15.7 MB) installers; and for Mac OS X 10.3.9 Client (42.5 MB) and Server (56 MB) systems.
Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.
- Two Small Security Updates (04 Jun 07)
Published in TidBITS 881.
Subscribe to our weekly email edition.
- Copyright Fun and Games
- MacLinkPlus Deluxe Converts Word/Excel 2007 Documents
- DealBITS Winners: SmileOnMyMac's PageSender
- Making Pages in Adobe Illustrator
- Scroll Wheel Tips
- A Personal Shopper for HD Video Editing Gear
- Geophoto Puts Your Photos on the Map
- Hot Topics in TidBITS Talk/28-May-07
- Take Control News/28-May-07