Skip to content
Thoughtful, detailed coverage of everything Apple for 28 years
and the TidBITS Content Network for Apple professionals
2 comments

Security Update 2010-003 (Snow Leopard)

Apple has released Security Update 2010-003 (Snow Leopard) to address a critical vulnerability in the way Apple Type Services in Mac OS X 10.6 Snow Leopard parses embedded fonts. Users who view or download any documents containing maliciously crafted embedded fonts run a risk of arbitrary code execution. The update addresses this issue by improving index checking. This vulnerability was first demonstrated by Charlie Miller at the Pwn2Own conference 20 days ago, which shows a reasonably quick response on Apple’s part. The update requires Mac OS X 10.6.3 and is available via Software Update and the Apple Support Downloads page. (Free, 6.5 MB)

Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 28 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.

Comments About Security Update 2010-003 (Snow Leopard)