Modernizing Authentication — What It Takes to Transform Secure Access
has rolled out a major security update
to fix several vulnerabilities in its flagship Mac OS X Panther client
The patch, which is rated "highly critical" by security research firm Secunia, addresses security flaws that put Mac OS X users at risk of sensitive data leakage, Denial of Service attacks and system access.
According to an Apple advisory, the Mac OS X 10.3.5 update corrects multiple vulnerabilities in libpng that can be exploited by malicious hackers to compromise a user's system.
The U.S. government's Computer Emergency Readiness Team (US-CERT) has previously issued a warning that bugs in libpng, the reference library that supports the Portable Network Graphics (PNG) image format, could allow a remote attacker to commandeer a vulnerable machine.https://o1.qnsr.com/log/p.gif?;n=203;c=204634421;s=15939;x=7936;f=201702151714490;u=j;z=TIMESTAMP;a=20304455;e=i
The upgrade also includes improved support for NTFS formatted volumes; updates for ATI and NVIDIA graphics drivers; updated Mail and Image Capture applications; and improved compatibility for third-party applications, Apple said.
Also patched are specific vulnerabilities in Apple's Safari Web browser. The upgrade plugs a hole that could open the door to phishing attacks and addresses a flaw that could be used by a malicious Web site to steal sensitive information from forms.