Apple Releases 10.5.8 Security Update and OS X 10.6.3

Author: Bradford Schmidt
Published: March 30, 2010 at 8:59 am

Apple released two important updates yesterday: Security Update 2010-002, which patches OS X v10.5.8, and an updated version of OS X v10.6, v10.6.3. Both address multiple vulnerabilities in a number of applications. You can read Apple's datasheet on the updates on the Apple support site.

The vulnerabilities may allow an attacker to execute arbitrary code, bypass security restrictions, or operate with elevated privileges. The vulnerable applications include a number of commonly used programs, and the long list of patches includes work on:

Application Firewall, some rules of which may become disabled after a restart
AppKit, to correct a vulnerability that may lead to "arbitrary code execution" when spell checking a malicious document
AFP Server, which has multiple vulnerabilities patched
CoreAudio, also to correct a vulnerability that may lead to "arbitrary code execution" when malicious audio content is played
Mail
QuickTime, again to correct a vulnerability that may lead to "arbitrary code execution," this time when viewing malicious video content

There are way too many more to list, the upshot being, particularly in light of the vulnerabilities via spell check, audio, and video content, all users should update immediately. If you haven't been prompted to, please run Software Update from the Apple menu.

Read comments on this article, and add some feedback of your own

About this article

Article Author: Bradford Schmidt

Bradford Schmidt is a feature writer at the award-winning newspaper Florida Weekly. He is also a freelance writer and editor that covers food, music and technology. His newspaper columns and features are reprinted on his blog, BradfordSchmidt.com, …

Bradford Schmidt's author page — Author's Blog