Apple Updates Mac to OS X 10.6.4 for Security

Apple’s Mac OS X is getting an update this week to version 10.6.4, providing users with a long list of security fixes, as well.

From a security perspective, the 10.6.4 release tackles a number of high-priority vulnerabilities including an updated Adobe Flash Player plug-in. Earlier this month, a zero-day security vulnerability had been found in Flash Player. A fix for Windows users became available at the end of last week with the Flash 10.1 release, while Mac users had to wait until Flash’s update, contained in the latest OS X release.

Other flaws tackled in the 10.6.4 update are four flaws in Common Unix Printing System (CUPS), one of the open source software packages used in Apple’s Mac OS X, which has been certified as a Unix operating system since 2007.

Another flaw fixed in 10.6.4 related to the OS X Help Viewer function, which could have potentially been at risk from an arbitrary code execution flaw.

“A cross-site scripting issue exists in Help Viewer’s handling of help: URLs,” Apple said in its advisory. “Visiting a maliciously crafted Website may lead to the execution of JavaScript in the local domain.

The ImageIO image processing system is likewise being fixed for a pair of vulnerabilities: One in its handling of TIFF files while the other is in MPEG2 file-handling. Either one of the flaws could potentially have led to arbitrary code execution on the user’s desktop, Apple said.

Other security vulnerabilities addressed in the OS X update include one in Apple’s iChat instant messaging that could have enabled a remote user to load files to an arbitrary location on a Mac OS X user’s desktop.

Mac OS 10.6.4 will also update Mac users to the new Safari 5 Web browser, which Apple released earlier this month. Safari 5 includes new HTML5 and performance features in addition to providing security fixes.

Unlike Microsoft, which provides users with security updates on the first Tuesday of every month, Apple’s security update schedule isn’t quite monthly. The company released its Mac OS X 10.6.3 update at the end of March, while the Mac OS X 10.6.2 update came out in November 2009. The 10.6 Snow Leopard operating system itself first debuted four months earlier.

Sean Michael Kerner is a senior editor at, the news service of, the network for technology professionals.

Sean Michael Kerner
Sean Michael Kerner
Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.

Top Products

Related articles