Patch/Configuration Management, Vulnerability Management

Mac update plugs 28 flaws, does not include Flash 10.1

Apple on Tuesday released its fourth Mac OS X security update of the year to plug 28 vulnerabilities.

The update to version 10.6.4 addresses flaws in 17 components, some open-source, including CUPS, iChat, Network Authorization, SquirrelMail, Ruby, Wiki Server and Flash Player. Successful exploit of many of the bugs could lead to arbitrary code execution.

While the patch bundle does address two Flash vulnerabilities, it does not update users to the latest version of the popular multimedia software, 10.1, which was released last week. Instead, the Mac update includes Flash version 10.0.45.2.

Adobe's Wendy Poland, in a blog post Tuesday, said that while the Mac update does not appear to downgrade users who already have upgraded to the latest version of Flash, users are encouraged to verify they are running the correct edition. If they are not, they should install it.

Meanwhile, Mac users should install the new update via their Software Update preferences or through the Apple Downloads page.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.