Apple Computer has issued a patch to close more than a
dozen “highly critical” security vulnerabilities in its main Mac OS
X operating system.
The 13 security holes affect both the Panther and Tiger versions
of the Mac OS and cover web server, curl technology, Safari browser
and denial of service vulnerabilities.
Remote attackers can use some of the holes to take over a user’s
Mac and execute malicious code.
Internet security company Secunia has rated the flaws as “highly
critical”. A flaw in the Mac Safari browser, for instance, allows
remote attackers to infect a user’s machine if they simply visit a
malicious website.
Curl technology is used to download files and distribute them
efficiently. A flaw in Apple’s curl system allows attackers to
execute code on a Mac when a user visits a rogue website.
The latest batch of security updates follows the one from Apple
at the beginning of November, which addressed four security
holes.
