Apple Security Update Addresses Software Update

Vulenrability

Apple has released Secuirty Update 7-12-02, which addresses a previously noted vulenrability in the Software Update component of Mac OS X that would allow hackers to emulate an Apple server and distribute malicious files.

An Apple Knowledge Base article (#75304) explains:

"Packages presented via the Software Update mechanism are now cryptographically signed, and the new Software Update client 1.4.6 checks for a valid signature before installing new packages. Downloaded packages which do not contain a valid signature are deleted from the system."

MacFixIt readers noted that the security update made beta testing rounds.Friday evening.