Apple Releases New Security Update for Leopard, Snow Leopard

Apple on Tuesday released Security Update 2010-001 for Mac OS X Snow Leopard as well as versions for both client and server releases of its predecessor, Mac OS X Leopard. These updates improve the security of Mac OS X are recommended for all users of the respective versions.

Included in the update are a number of patches, including a buffer overflow for the CoreAudio system that could let a maliciously crafted MP4

audio file execute arbitrary code, a hole in the CUPS printing system where a remote attacker could cause the system to terminate, flaws in the ImageIO and Image RAW software that could let maliciously crafted image files execute arbitrary code, and a patch for the OpenSSL network encryption system that could allow a third-party to capture encrypted data.

Security Update 2010-001 also contains the most recent version of Adobe's Flash Player plug-in, 10.0.42, which fixes numerous vulnerabilities, among them one that could lead to arbitrary code execution as a result of viewing a maliciously crafted Website.

The updates weigh in at 21.9MB for Snow Leopard, 159.58MB for Leopard client, and 248.11 MB for Leopard server, though the size may vary from computer to computer. They are available through Software Update or via Apple's Support downloads page.

Shop ▾
arrow up Amazon Shop buttons are programmatically attached to all reviews, regardless of products' final review scores. Our parent company, IDG, receives advertisement revenue for shopping activity generated by the links. Because the buttons are attached programmatically, they should not be interpreted as editorial endorsements.

Subscribe to the Best of PCWorld Newsletter