Apple releases patches for OS X security flaws
Thursday, January 21, 2010
Vulnerabilities in OS X 10.5 and 10.6 were addressed in Apple's first security update of 2010, patching a dozen known security holes in the Mac operating system.
While five of the vulnerabilities were inherent in Apple's own software, the other seven were found in Adobe's Flash Player plug-in, which could lead to remote code execution and other serious issues. Experts say that Flash Player is fast developing a reputation as one of the most popular targets for would-be cyber criminals.
Media functionality was at the heart of the remaining problems as well, as Apple fixed vulnerabilities to maliciously crafted .mp4 audio files, .dng images, and .tiff images. The company's latest round of patches also fixed a months-old vulnerability in OpenSSL, which could have allowed attackers to breach network security and alter protected internet sessions.
PC Magazine security blogger Larry Seltzer questions the timing of the OpenSSL patch, since OpenSSL itself released a fix for the problem "almost immediately" after the discovery of the vulnerability. "It's not clear what took Apple so long," writes Seltzer.
Related News:
Cyber criminals exposed medical records - 3.8.2010
More than 18,000 patients, whose medical information is stored on the computer systems of five doctors in Torrance, California, were potential victims of identity theft in September when cyber criminals penetrated the doctors' networks, according to the Los Angeles Times.
McAfee advises companies to boost web security relating to source code - 3.4.2010
At the RSA Conference, currently taking place in San Francisco, McAfee released a report indicating that companies regularly use too few web security protocols when protecting intellectual property such as source code.
False social networking attacks provides teachable moment for web security - 2.25.2010
A unique tool developed to prevent the spread of malware from social networking websites has been recommended Processor.com, a web and network security news provider.
With global web security under siege, exports point to problems - 2.25.2010
In 2009, Garlik, a United Kingdom-based web security company, reported a 207 percent increase in malware use to overtake bank accounts. Recent events have also shown vulnerability in corporate, private and governmental web security systems.
Kaspersky reports malware growing more sophisticated - 2.24.2010
Kaspersky, a web security provider, reported Wednesday that while there is very little growth in the amount of malware currently roaming the web, it is becoming more advanced and much harder to detect.
|
