Apple has released asecurity
updatefor its Mac OS X operating system which fixes 18
vulnerabilities that could be exploited by hackers.
Most of the vulnerabilities are in the way the operating system
handles image files, and they could enable hackers to execute code
on users' PCs through poisoned images.
The affected image file formats include PNG, Canon RAW and
OpenEXR and images with an embedded ColorSync profile.
This year has seen a number of attacks against users of Mac OS
X, according to Graham Cluley, senior technology consultant at
security firm Sophos.
Many of these have relied on social engineering to fool Mac
owners into installing Trojan horses on their computers, he said in
a
blog post.
"There is no doubt, however, that cybercriminals would love to
be able to exploit software vulnerabilities instead to make
infection even easier," he said.
The security update also prevents local users from overwriting
kernel memory to execute arbitrary code with system privileges,
improves error handling to block denial of service attacks and
updates MobileMe to delete credentials on signing out to prevent
unauthorised access.
The security update can be downloaded and installed through Mac
OS software update
preferences or from
Apple
Downloads.