Apple patches Mac OS X against 'poison images'


Apple patches Mac OS X against 'poison images'

Warwick Ashford

Apple has released a security update for its Mac OS X operating system which fixes 18 vulnerabilities that could be exploited by hackers.

Most of the vulnerabilities are in the way the operating system handles image files, and they could enable hackers to execute code on users' PCs through poisoned images.

The affected image file formats include PNG, Canon RAW and OpenEXR and images with an embedded ColorSync profile.

This year has seen a number of attacks against users of Mac OS X, according to Graham Cluley, senior technology consultant at security firm Sophos.

Many of these have relied on social engineering to fool Mac owners into installing Trojan horses on their computers, he said in a blog post.

"There is no doubt, however, that cybercriminals would love to be able to exploit software vulnerabilities instead to make infection even easier," he said.

The security update also prevents local users from overwriting kernel memory to execute arbitrary code with system privileges, improves error handling to block denial of service attacks and updates MobileMe to delete credentials on signing out to prevent unauthorised access.

The security update can be downloaded and installed through Mac OS software update preferences or from Apple Downloads.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy