Apple has released a range of patches for security holes - both old and new - for its Mac OS X operating system, which it advises users to download immediately. The company is downplaying the issue but one security company at least is concerned that the vulnerabilities could be extremely serious. Secunia has given the five - yes, five - patches a "highly critical" rating and warned that they may allow hijacking, security bypass, data manipulation, privilege escalation, denial of service and system access.
In other words, it makes Microsoft's current Sasser problems look no more than a nasty nip. The difference of course is that Windows is the vast majority of the market and Macs account for only three percent of operating systems. There isn't a worm exploiting the holes as yet but the company is strongly advising users to download and install the patches as the OS looks like an easy target at the moment.
Secunia has given the series of patches a "highly critical" rating, which it explained was due to the Apple's dismissive attitude to one of the holes. Secunia described a vulnerability within AppleFileServer that allows for a buffer overflow as an attempt to "improve the handling of long passwords", but security specialists @stake warned that it could lead to the full system access.
News source: TechWorld
In other words, it makes Microsoft's current Sasser problems look no more than a nasty nip. The difference of course is that Windows is the vast majority of the market and Macs account for only three percent of operating systems. There isn't a worm exploiting the holes as yet but the company is strongly advising users to download and install the patches as the OS looks like an easy target at the moment.
Secunia has given the series of patches a "highly critical" rating, which it explained was due to the Apple's dismissive attitude to one of the holes. Secunia described a vulnerability within AppleFileServer that allows for a buffer overflow as an attempt to "improve the handling of long passwords", but security specialists @stake warned that it could lead to the full system access.
News source: TechWorld
Radish™
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.