My Technology Guide: Windows, OS X, Linux, iOS, Android and more

The Ultimate Managed Hosting Platform

Apple releases Mac OS X security update, Boot Camp 3.1

by

Apple on Tuesday released Security Update 2010-001, a collection of fixes for users of Mac OS X Leopard (10.5) and Snow Leopard (10.6).

As with most security releases, the latest Mac OS X update fixes issues within the core system and does not add new features to built-in applications or fix application bugs.

Security Update 2010-001

  • CoreAudio
    CVE-ID: CVE-2010-0036
    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2, Mac OS X Server v10.6.2
    Impact: Playing a maliciously crafted mp4 audio file may lead to an unexpected application termination or arbitrary code execution

  • CUPS
    CVE-ID: CVE-2009-3553
    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2, Mac OS X Server v10.6.2
    Impact: A remote attacker may cause an unexpected application termination of cupsd

  • Flash Player plug-in
    CVE-ID: CVE-2009-3794, CVE-2009-3796, CVE-2009-3797, CVE-2009-3798, CVE-2009-3799, CVE-2009-3800, CVE-2009-3951
    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2, Mac OS X Server v10.6.2

  • ImageIO
    CVE-ID: CVE-2009-2285
    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
    Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution

  • Image RAW
    CVE-ID: CVE-2010-0037
    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2, Mac OS X Server v10.6.2
    Impact: Viewing a maliciously crafted DNG image may lead to an unexpected application termination or arbitrary code execution

  • OpenSSL
    CVE-ID: CVE-2009-3555
    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2, Mac OS X Server v10.6.2
    Impact: An attacker with a privileged network position may capture data or change the operations performed in sessions protected by SSL

In addition to updating Mac OS X, Apple also released an update for users of its Boot Camp software. According to the release notes provided with the update, Boot Camp 3.1 “adds support for Microsoft Windows 7 (Home Premium, Professional, and Ultimate).” The update also fixes a couple of bugs with the trackpad, turns off the digital audio LED when not in use, and adds support for wireless keyboards and the Apple Magic Mouse.

Boot Camp allows users to create a partition on a Mac and install Windows. Unlike virtualization apps like Parallels or VMware Fusion, Boot Camp users must restart their computers to use Windows. Boot Camp 3.1 can be downloaded from Apple’s support Web site.

You may also like...