Apple Computer issued on Tuesday updates for its Mac OS X operating system to fix 26 security flaws, some serious.
Several of the vulnerabilities affect the way in which Mac OS X handles images and the file-sharing capabilities of the software, according to an Apple security advisory. Other flaws were found and fixed within components such as Fetchmail, file compression features, and DHCP networking functionality, Apple said.
The vulnerabilities could enable a variety of attacks, security company Symantec said in an advisory sent out to customers of its DeepSight intelligence service. "Remote attackers can execute arbitrary code, trigger denial-of-service conditions, elevate privileges, and disclose potentially sensitive information," Symantec said.
The bulk of the Mac OS X flaws affect both the client and server versions of the operating system. Attackers could exploit several of the vulnerabilities, specifically those related to image processing and file compression, by crafting malicious files and tricking people into opening them, Apple said. This attack method is seen often on computers that run Microsoft's Windows operating system.
A handful of flaws related to file sharing, handled by the Mac OS X AFP server, could expose user data or let a malicious user gain elevated privileges a system running Mac OS X or cause a crash, Apple said.
The update also increases the length of the passkey used for pairing Bluetooth devices with Mac computers, Apple said. This could provide enhanced security for the use of Macs with wireless devices that use Bluetooth technology.
Mac OS X users are urged to upgrade in order to protect their systems against possible attacks that may exploit the flaws. Symantec said that it doesn't know of current attack code for any of the issues, though some may not require specific exploit code, the company said.
Apple has released Security Update 2006-004 to address the issues. The update is available from the Software Update pane in System Preferences on Mac OS X systems or through Apple's Web site. Until now, Apple's most recent security update came out in late June.
Web giant is spending $120 million to beef up its Mountain View, Calif., headquarters, according to filings with the city reviewed by the San Jose Mercury News.
The Samsung Galaxy Mini 2 S6500 could make its debut at the Mobile World Congress in Barcelona later this month, according to a leaked promotional image.
MIT creates a simulation to celebrate the 50th anniversary of Spacewar. A relic of the early days of minicomputers, it was one of the first computer video games and set the stage for many others, including Asteroids.
Join the conversation