Apple releases Mac OS X security update

Mac OS X 10.4.8 fixes several flaws that could lead to remote code execution, the company says.

Apple Computer released an update Friday for Mac OS X to fix several vulnerabilities that could allow attackers to execute code on unpatched systems.

A total of 15 security vulnerabilities are fixed in the update, which is available on

For example, one of the updates fixes a flaw in Safari that could allow malicious sites to appear as trustworthy destinations, complete with the little lock icon, without proper authentication. In this case, the flaw was fixed by disallowing anonymous SSL (Secure Sockets Layer) connections by default, Apple said.

Also covered by the updates are flaws that could allow arbitrary code execution from a malicious JPEG2000 image and ones that could allow local users to take advantage of failed attempts to log in to a network account. The fixes can be downloaded either as Mac OS X version 10.4.8 or as Security Update 2006-006, Apple said, adding that either download will correct the identified flaws.

Apple last updated Mac OS X 10.4 in June, with several patches and bug fixes delivered as Mac OS X version 10.4.7. Last week Apple issued an update to fix serious flaws in its AirPort wireless driver software that could allow Macs to be hijacked through wireless connections. More information on the current batch of updates can be found on Apple's Web site.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Roku 4: Our favorite TV streaming system gets 4K video and a remote locator

Ever lose your remote in the couch cushions? Ever wish you could stream 4K Netflix without having to use your TV's built-in app? Roku's new high-end player, the $129 Roku 4, brings these new extras to its best-in-class streaming ecosystem.

by David Katzmaier