Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Apple Misses Bugs, Offers Fix

Apple Computer on Monday released its second security update for Mac OS X in as many weeks, including follow-up fixes to bugs thought to have been patched on March 1.

Security Update 2006-002 corrects three problems that the earlier update missed for the Safari browser and other components, and also patches two new vulnerabilities, one in the Mail client. If not fixed, the Mail bug could give attackers a way to run their code on Macs.

The first day of this month, Apple issued a much larger update that plugged 17 security holes in the Mac OS X and bundled applications, including a zero-day vulnerability that could let attackers hijack machines using "drive-by download" tactics.

2006-002 patches drive-by download vulnerabilities that Apple missed. "This update provides additional checks to identify variations of the malicious file types addressed in Security Update 2006-001 so that they are not automatically opened," Apple said in the advisory.

Errors in the previous update's fixes for an Apache PHP script language bug and a flaw in the "rsync" file transfer utility have also been corrected, said Apple.

  • 1