Apple fixes 69 vulnerabilities in Mac OS X
Apple has released a security update addressing 69 vulnerabilities in its Leopard and Snow Leopard operating systems.
Quicktime alone accounts for nine vulnerabilities fixed in the Mac OS X v10.6.3 Update, the most serious of which could allow remote code execution when viewing “maliciously crafted” movie and MPEG files. Another fix should bring an end to memory corruptions when QuickTime plays H.264 and Sorenson movie files.
The patch also beefs up Snow Leopard’s ImageIO framework, which should help protect the operating system against malicious image files.
Alongside the security fixes, the update brings a raft of bug fixes to Apple’s operating systems. A colour issue that pops up when playing HD content with iMovie has been fixed, and Apple has promised to increase the reliability of third-party USB input devices, and improve printing reliability.
The update also addresses a curious bug in Snow Leopard’s firewall, which deactivates rules and exceptions after reboot. The update comes hot on the heels of the Pwn2own contest, and Apple has credited “anonymous researchers” with discovering 11 of the 69 flaws.