Apple released a slew of security fixes for its Mac OS X that fixes 41 vulnerabilities in the operating system, as well as a minor update for the beta code of its Safara 3 browser.
Many of the OS X flaws could potentially lead to attackers running unauthorized software on Macs. Some of them also may potentially enable an attacker to access a user’s sensitive data or information or to download files. Nearly half of the OS X vulnerabilities patched by Security Update 2007-009 were labeled by Apple as a potential arbitrary code execution threat, which means a hacker could potentially hijack a machine or install malware.
The flaws fixed in Leopard, Mac OS X 10.5.1 were found in in CFNetwork, CUPS, Flash Player Plug-in, Launch Services, Mail, Perl, python, Quick Look, ruby, Safari, Samba, Shockwave Plug-in, Software Update, and Spin Tracer. For Tiger, OS X 10.4.11 users, in addition to those fixes was a patch for Quick look, as well as udpates for Address Book, ColorSync, Core Foundation, Desktop Services, GNU Tar, iChat, IO Storage Family, Safari RSS, SMB, Spotlight, tcpdump, and XQuery.
The update to Apple’s Safari 3 beta code patched a cross-site scripting problem that affects Windows users of Safari.
So far, Apple has patched about 200 bugs in nine security updates this year.