Apple fixes 15 flaws in Mac OS X

Many of the problems are flaws in the operating system's underlying open-source software, including a critical flaw in the Kerberos authentication system--software that can act as a gatekeeper for computer networks. The patch is available for Mac OS X 10.3.5 and Mac OS X 10.3.4, and also fixes issues in Mac OS X 10.2, known as "Jaguar."

"This bit of news should serve notice to ALL computer users/administrators that no platform is completely secure from security bugs. Since both Apple and Windows users are now openly living in glass houses, let's hope that the senseless and infantile stone-throwing will start to die down."
--Tex Murphy

"All security enhancements...are also available for Jaguar, if the issue could occur on Jaguar systems," a security advisory from the company said.

The patch fixes software flaws that could enable an attacker to crash or freeze the Apache 2 Web server, run software by utilizing Apple's Safari Web browser or expose the password store used by the network. Security information provider Secunia ranked the Kerberos threat as "highly critical," its second-highest danger rating.

Apple has pointed to open-source software as a source of security for the company's operating system. While open-source projects tend to release patches as soon as possible, Apple and other companies have moved to more occasional releases of collections of patches.

Microsoft releases fixes once a month, a move that database software maker Oracle has started to do this month as well.

Apple's advisory, with details of the update, is available on the company's Web site.