Apple updates Snow Leopard, fixes 69 flaws

The latest version of Snow Leopard includes a wide-reaching set of security fixes for OS X 10.6 and 10.5 users.

apple logo

Apple's latest update to its Leopard and Snow Leopard operating systems brings with it a total of 69 security fixes many of them labelled as critical.

The company rolled out Mac OS X 10.6.3 yesterday, and with it issued Security Update 2010-002 for existing users of both client and server versions of OS X 10.6 Snow Leopard and OS X 10.5 Leopard. The security update is already incorporated in OS X 10.6.3.

According to the release notes, 69 security-related changes have been made in total across the various versions of the OS.

QuickTime alone is responsible for nine of the fixes, including addressing a heap buffer overflow in the program's handling of movies encoded in H.263, H.261, RLE, M-JPEG, FLC and MPEG formats, and dealing with memory corruptions in QuickTime's handling of H.264 and Sorenson movie files.

Many of the other security fixes to Snow Leopard apply solely to server-related components such as Wiki Server, Apache and iChat Server.

Separate patches are included for many of the open-source and UNIX components in Mac OS X, including PHP, MySQL and Ruby.

In addition to the QuickTime fixes for issues that could leave the door open for maliciously crafted movie files, CoreImage and ImageIO fixes beef up the OS' defences against malicious image files.

Aside from the security fixes, OS 10.6.3 brings with it a number of usability and performance tweaks too.

Users should see improved wireless networking performance including better Wi-Fi security, fixes for sleep/wake issues when connected with Wi-Fi and better wireless Time Machine backups to a Time Capsule.

The update also improves compatibility with OpenGL-based applications, boosts printing reliability and reliability of third-party USB input devices, resolves issues with recurring events in iCal when connected to an Exchange server.

Apple has also adjusted its Crash Reporter mechanism for reporting application and system crashes. When clicking on the Send to Apple button, not only will the system now send Crash Reporter state data, but also information on the applications and hardware devices connected to your Mac as well as recent system log info.

This simply automates the sending of information which is requested by Apple anyway when it follows up a crash report, with the company insisting it is completely anonymous.

Apple has issued detailed release notes on both the OS X 10.6.3 update and Security Update 2010-002, which include instructions for downloading and installing the updates.

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Recommended

Sopra Steria cyber attack costs to hit €50 million
Security

Sopra Steria cyber attack costs to hit €50 million

26 Nov 2020
Sophos warns customers of potential data leak
Security

Sophos warns customers of potential data leak

26 Nov 2020
Weekly threat roundup: VMware, GitHub, Facebook, and MobileIron
Security

Weekly threat roundup: VMware, GitHub, Facebook, and MobileIron

26 Nov 2020
Egregor ransomware could take up where Maze left off
Security

Egregor ransomware could take up where Maze left off

26 Nov 2020

Most Popular

macOS Big Sur is bricking some older MacBooks
operating systems

macOS Big Sur is bricking some older MacBooks

16 Nov 2020
Huawei Mate 40 Pro 5G review: A tragically brilliant Mate
Mobile Phones

Huawei Mate 40 Pro 5G review: A tragically brilliant Mate

26 Nov 2020
How computing has revolutionised Formula 1
Sponsored

How computing has revolutionised Formula 1

11 Nov 2020