Apple pushed out a bushel of patches late last week to fix at least 18 security vulnerabilities in its implementation of Java for Mac users. Then on Monday, the company issued a large update that plugged at least 40 security holes in different versions of its OS X operating system. Another standalone patch eliminates a single security flaw in Safari 3 Beta for Windows.
The Java update applies to Mac systems running OS X 10.4 (Tiger) and earlier versions. Apple says none of the vulnerabilities patched in the Java roll-up are present in OS X 10.5 (Leopard). However, a fair number of the fixes in the patch batch for OS X also apply to Leopard.
Some of the security vulnerabilities included in the 80 megabyte Java package were fixed by Java maker Sun Microsystems nearly a year ago. For Apple users, these are not trivial flaws: Apple says some of the holes could be used to add or remove items from a user’s Keychain (which manages passwords on the Mac) without prompting the user. A slew of other vulnerabilities could be used to plant executable programs on Mac systems.
Yet, as a number of other bloggers have already pointed out, for whatever reason Apple’s Software Update program fails to alert users that the Java update includes a large number of important security updates.
New QuickTime Version Plugs 7 Security HolesApple Plugs 44 Security HolesApple’s 48 Security Fixes Include iPhone UpdatesNew QuickTime Player Fixes 3 Security FlawsMicrosoft Plugs 11 Windows Security Holes
April 3rd, 2008 at 12:01 pm
Send Us Your Hot anal-fisting.smile-media.com/ movie & clips!.