Apple has released an update to address a total of 20 security vulnerabilities in the OS X operating system and several other applications.
In recent weeks, Mac OS X has repeatedly become a target for malicious virus programmers. At the same time, security experts discovered a very serious security flaw in this operating system.
“This update addresses security vulnerabilities in the Safari browser and the security flaw exploited by the Leap-A virus,” a spokesperson for Apple stated.
This update also fixes another security flaw related to the Safari browser. This security issue pertains to how the operating system unpacks or executes metadata in compressed files that are not displayed. This vulnerability can be exploited in conjunction with the flaw in the Safari browser or by tricking users into opening an email with a specially crafted compressed file attached.
The update also modifies security settings in the operating system to protect users from various types of malware such as Leap-A—a worm that spreads aggressively via the iChat instant messaging client on Apple Macs by sending a file to all contacts in the user’s friend list and exploiting the Download Validation feature to activate such malware.
Apple also addressed several less severe security issues, such as a vulnerability in the Directory Service. This security flaw allows users to create and duplicate files even without system administrator privileges. Another vulnerability related to IPsec enables hackers to organize denial-of-service attacks on virtual private network (VPN) connections.
Users can download this update from Apple’s website.
