Mac update plugs 28 flaws, does not include Flash 10.1

Share this article:

Apple on Tuesday released its fourth Mac OS X security update of the year to plug 28 vulnerabilities.

The update to version 10.6.4 addresses flaws in 17 components, some open-source, including CUPS, iChat, Network Authorization, SquirrelMail, Ruby, Wiki Server and Flash Player. Successful exploit of many of the bugs could lead to arbitrary code execution.

While the patch bundle does address two Flash vulnerabilities, it does not update users to the latest version of the popular multimedia software, 10.1, which was released last week. Instead, the Mac update includes Flash version 10.0.45.2.

Adobe's Wendy Poland, in a blog post Tuesday, said that while the Mac update does not appear to downgrade users who already have upgraded to the latest version of Flash, users are encouraged to verify they are running the correct edition. If they are not, they should install it.

Meanwhile, Mac users should install the new update via their Software Update preferences or through the Apple Downloads page.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

VBA malware on rise, templates make it easier to write code

VBA malware on rise, templates make it easier ...

Researchers at SophosLabs found an uptick in VBA samples in July.

Analysts spot 'Critolock,' ransomware claims to be CryptoLocker

Trend Micro noted several differences between Critolock and CryptoLocker, however.

Citadel used in APT attacks against petrochemical firms

Citadel used in APT attacks against petrochemical firms

In an interesting twist, financial malware Citadel was used to infect firms outside of the finance sector via APT attacks, Trusteer found.