Apple releases Mac OS X security update, Boot Camp 3.1
Apple on Tuesday released Security Update 2010-001, a collection of fixes for users of Mac OS X Leopard (10.5) and Snow Leopard (10.6).
As with most security releases, the latest Mac OS X update fixes issues within the core system and does not add new features to built-in applications or fix application bugs.
Security Update 2010-001
CoreAudio
CVE-ID: CVE-2010-0036
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2, Mac OS X Server v10.6.2
Impact: Playing a maliciously crafted mp4 audio file may lead to an unexpected application termination or arbitrary code executionCUPS
CVE-ID: CVE-2009-3553
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2, Mac OS X Server v10.6.2
Impact: A remote attacker may cause an unexpected application termination of cupsdFlash Player plug-in
CVE-ID: CVE-2009-3794, CVE-2009-3796, CVE-2009-3797, CVE-2009-3798, CVE-2009-3799, CVE-2009-3800, CVE-2009-3951
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2, Mac OS X Server v10.6.2ImageIO
CVE-ID: CVE-2009-2285
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code executionImage RAW
CVE-ID: CVE-2010-0037
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2, Mac OS X Server v10.6.2
Impact: Viewing a maliciously crafted DNG image may lead to an unexpected application termination or arbitrary code executionOpenSSL
CVE-ID: CVE-2009-3555
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2, Mac OS X Server v10.6.2
Impact: An attacker with a privileged network position may capture data or change the operations performed in sessions protected by SSL
In addition to updating Mac OS X, Apple also released an update for users of its Boot Camp software. According to the release notes provided with the update, Boot Camp 3.1 “adds support for Microsoft Windows 7 (Home Premium, Professional, and Ultimate).” The update also fixes a couple of bugs with the trackpad, turns off the digital audio LED when not in use, and adds support for wireless keyboards and the Apple Magic Mouse.
Boot Camp allows users to create a partition on a Mac and install Windows. Unlike virtualization apps like Parallels or VMware Fusion, Boot Camp users must restart their computers to use Windows. Boot Camp 3.1 can be downloaded from Apple’s support Web site.