Site Network: | | Jongsma & Jongsma

Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at S?nnet Beskerming.

Username: | Password: Contact us to request an account

A Major Week for Security Patches

Windows and OS X users have had a busy last week patching their systems, as both Microsoft and Apple released important security patches. Windows users found that there were only two patches to apply to their systems, and for home users they might have found that there were no applicable patches for the November Security Patch release from Microsoft.

Apple users found that Apple provided a major security update for Tiger and Panther (10.4 and 10.3), with another update for Leopard (10.5) users to address concerns held about the performance of the built-in system firewall when certain configurations were set. Users of OS X 10.4 and OS X 10.5 found that Apple provided the updates as point releases for their systems, bringing them to OS X 10.4.11 and OS X 10.5.1, respectively. OS X 10.3 users found that Apple provided only the Security Update 2007-008 for their systems. These patches provided fixes for a whole host of critical vulnerabilities affecting different core system components. Given that a number of these core components affected the way that Internet content is interpreted and displayed, Apple also provided updates for the Safari 3 beta for Windows users.

Looking back another week, and Apple also were busy providing major updates to QuickTime (bringing it to 7.3), and the iPhone and iPod Touch, which received updates to their Operating System - bringing them to 1.1.2. The updates for the iPod Touch and the iPhone will have direct effects for those who are trying to unlock their devices, as it closes off the TIFF image handling flaw that was being used as a means to execute arbitrary code on the handheld devices.

Samba users should have also been patching last week, with the disclosure of a vulnerability that could result in complete server compromise from a local unprivileged account. The Samba team have already created an update for this issue and the major Linux distros are already beginning to incorporate updated versions.

18 November 2007

Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis

Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.

Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.

Comments will soon be available for registered users.