June 16, 2010

Mac update plugs 28 flaws, does not include Flash 10.1

Apple on Tuesday released its fourth Mac OS X security update of the year to plug 28 vulnerabilities.

The update to version 10.6.4 addresses flaws in 17 components, some open-source, including CUPS, iChat, Network Authorization, SquirrelMail, Ruby, Wiki Server and Flash Player. Successful exploit of many of the bugs could lead to arbitrary code execution.

While the patch bundle does address two Flash vulnerabilities, it does not update users to the latest version of the popular multimedia software, 10.1, which was released last week. Instead, the Mac update includes Flash version 10.0.45.2.

Adobe's Wendy Poland, in a blog post Tuesday, said that while the Mac update does not appear to downgrade users who already have upgraded to the latest version of Flash, users are encouraged to verify they are running the correct edition. If they are not, they should install it.

Meanwhile, Mac users should install the new update via their Software Update preferences or through the Apple Downloads page.

Related Articles
Related Topics

Sign up to our newsletters

More in News

House Intelligence Committee OKs amended version of controversial CISPA

Despite the 18-to-2 vote in favor of the bill proposal, privacy advocates likely will not be satisfied, considering two key amendments reportedly were shot down.

Judge rules hospital can ask ISP for help in ID'ing alleged hackers

The case stems from two incidents where at least one individual is accused of accessing the hospital's network to spread "defamatory" messages to employees.

Three LulzSec members plead guilty in London

Ryan Ackroyd, 26; Jake Davis, 20; and Mustafa al-Bassam, 18, who was not named until now because of his age, all admitted their involvement in the hacktivist gang's attack spree.