The patches are the first security distribution specifically for the latest version of OS X, released in late October.
Apple disclosed that one issue in Application Firewall creates a situation where the "block all incoming connections" setting for the firewall is misleading, which could result in the exposure of network services.
The patch changes that description to “only allow essential services” for a limited number of processes.
Apple also fixed Application Firewall to correctly block incoming connections. An issue had caused processes “running as user root" to receive incoming connections, even if those processes should have been marked to block such connections, according to Apple's latest security advisory.
Apple also updated Application Firewall so that setting changes take place immediately after they are implemented, not after the application is restarted.
In the most patch-heavy week in memory for Apple, the Cupertino, Calif.-based company released updates OS X version 10.4.11 and Safari 3 Beta on Wednesday, and iPhone and iPod Touch versions 1.1.2 on Monday.