Apple patches Mac OS X against 'poison images'

Apple has released a security update for its Mac OS X operating system which fixes 18 vulnerabilities...

Apple has released a security update for its Mac OS X operating system which fixes 18 vulnerabilities that could be exploited by hackers.

Most of the vulnerabilities are in the way the operating system handles image files, and they could enable hackers to execute code on users' PCs through poisoned images.

The affected image file formats include PNG, Canon RAW and OpenEXR and images with an embedded ColorSync profile.

This year has seen a number of attacks against users of Mac OS X, according to Graham Cluley, senior technology consultant at security firm Sophos.

Many of these have relied on social engineering to fool Mac owners into installing Trojan horses on their computers, he said in a blog post.

"There is no doubt, however, that cybercriminals would love to be able to exploit software vulnerabilities instead to make infection even easier," he said.

The security update also prevents local users from overwriting kernel memory to execute arbitrary code with system privileges, improves error handling to block denial of service attacks and updates MobileMe to delete credentials on signing out to prevent unauthorised access.

The security update can be downloaded and installed through Mac OS software update preferences or from Apple Downloads.



Enjoy the benefits of CW+ membership, learn more and join.

Read more on Operating systems software

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.