September 7, 2004 5:22 PM PDT
Apple fixes 15 flaws in Mac OS X
Many of the problems are flaws in the operating system's underlying open-source software, including a critical flaw in the Kerberos authentication system--software that can act as a gatekeeper for computer networks. The patch is available for Mac OS X 10.3.5 and Mac OS X 10.3.4, and also fixes issues in Mac OS X 10.2, known as "Jaguar."
"All security enhancements...are also available for Jaguar, if the issue could occur on Jaguar systems," a security advisory from the company said.
The patch fixes software flaws that could enable an attacker to crash or freeze the Apache 2 Web server, run software by utilizing Apple's Safari Web browser or expose the password store used by the network. Security information provider Secunia ranked the Kerberos threat as "highly critical," its second-highest danger rating.
Apple has pointed to open-source software as a source of security for the company's operating system. While open-source projects tend to release patches as soon as possible, Apple and other companies have moved to more occasional releases of collections of patches.
Microsoft releases fixes once a month, a move that database software maker Oracle has started to do this month as well.
Apple's advisory, with details of the update, is available on the company's Web site.
33 commentsJoin the conversation! Add your comment