Security Update 2007-005 released: Vulnerabilities in iChat, CoreGraphics, more plugged

Apple has released Security Update 2007-005, eliminating potential vulnerabilities in a broad set of Mac OS X components.

Briefly, the update touches the following system parts:

• bind
• CarbonCore
• CoreGraphics
• crontabs
• fetchmail
• file
• iChat
• mDNSResponder
• PPP
• ruby
• screen
• texinfo
• VPN

For a detailed list of the flaws patched, see Knowledge Base article #305530.

The enhancements introduced by Security Update 2007-004 have been incorporated into this security update.

The new release is available through Software Update, or via the following download links:

• Security Update 2007-005 (Mac OS X 10.3.9 Server) [56MB]
• Security Update 2007-005 (Mac OS X 10.3.9 Client) [42.5MB]
• Security Update 2007-005 (Mac OS X 10.4.x PowerPC) [15.7MB]
• Security Update 2007-005 (Mac OS X 10.4.x Intel) [29.2MB]

Problems after installing the update? Please let us know.

Update procedure recommendation For important recommendations on applying this update, please see our guide on "Safely applying system updates."

Getting the update off your Mac If you are experiencing dire issues after applying Security Update 2007-005 cannot be resolved by common workarounds, you may want to uninstall the update.

This can be accomplished via the process outlined in our guide "How to Reinstall the System (Mac OS X)."

Resources