Apple Snow Leopard patches a dozen security issues
Apple has issued its first Mac OS X update of the new year, and has added Windows 7 support to Boot Camp too.
The patch - or Software Update 2010-001, to use its full name addresses a total of 12 vulnerabilities in Apple's version 10.5 and 10.6 operating systems, including a loophole in the systems' CoreAudio, which leaves the OS potentially vulnerable to malicious code hidden in an MP4 audio file.
Other security issues addressed include similar vulnerabilities in Image RAW's DNG file-handling and the ImageIO software that could be used to execute arbitrary code. The Flash Player plug-in, meanwhile, accounts for seven of the 12 tweaks, and is now on version 10.0.42, matching an update already issued on Adobe's side last month to close a number of security vulnerabilities.
A patch for the OpenSSL network encryption system has also been included as a preventative measure to guard against a known man-in-the-middle vulnerability between the SSL and TLS protocols.
The latest version of Boot Camp, 3.1, brings long-awaited support for Windows 7, in Home Premium, Professional and Ultimate varieties, while also addressing some issues with the trackpad, adding support for Apple's wireless keyboard and its latest Magic Mouse and turning off the digital audio LED when not in use.
Apple says Security Update 2010-001 is "recommended for all users and improves the security of Mac OS X", labelling nine of the 12 issues as potentially leading to "arbitrary code execution".
The version for Snow Leopard comes in at a fairly streamlined 21.9MB, while separate Client and Server options have been released for Mac OS X 10.5 Leopard, weighing in at a meatier 159.58MB and 248.11MB respectively.
However, the first OS X patch of the new decade is less than half the size by the 10.6.2 Snow Leopard update issued in November last year, which fixed a total of 58 flaws and was up to 479MB in size.
Four cyber security essentials that your board of directors wants to know
The insights to help you deliver what they needDownload now
Data: A resource much too valuable to leave unprotected
Protect your data to protect your companyDownload now
Improving cyber security for remote working
13 recommendations for security from any locationDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now