Apple Snow Leopard patches a dozen security issues

Apple logo

Apple has released its first software patch of 2010 for Mac OS X Leopard and Snow Leopard, and has added support for Windows 7 in the latest version of its Boot Camp virtualisation software.

The patch - or Software Update 2010-001, to use its full name addresses a total of 12 vulnerabilities in Apple's version 10.5 and 10.6 operating systems, including a loophole in the systems' CoreAudio, which leaves the OS potentially vulnerable to malicious code hidden in an MP4 audio file.

Other security issues addressed include similar vulnerabilities in Image RAW's DNG file-handling and the ImageIO software that could be used to execute arbitrary code. The Flash Player plug-in, meanwhile, accounts for seven of the 12 tweaks, and is now on version 10.0.42, matching an update already issued on Adobe's side last month to close a number of security vulnerabilities.

A patch for the OpenSSL network encryption system has also been included as a preventative measure to guard against a known man-in-the-middle vulnerability between the SSL and TLS protocols.

The latest version of Boot Camp, 3.1, brings long-awaited support for Windows 7, in Home Premium, Professional and Ultimate varieties, while also addressing some issues with the trackpad, adding support for Apple's wireless keyboard and its latest Magic Mouse and turning off the digital audio LED when not in use.

Apple says Security Update 2010-001 is "recommended for all users and improves the security of Mac OS X", labelling nine of the 12 issues as potentially leading to "arbitrary code execution".

The version for Snow Leopard comes in at a fairly streamlined 21.9MB, while separate Client and Server options have been released for Mac OS X 10.5 Leopard, weighing in at a meatier 159.58MB and 248.11MB respectively.

However, the first OS X patch of the new decade is less than half the size by the 10.6.2 Snow Leopard update issued in November last year, which fixed a total of 58 flaws and was up to 479MB in size.

The updates are available through the usual Software Update utility, or through the support section on Apple's website. The latter is also where you'll find Boot Camp 3.1.