Security threats Toolkit

Apple patches 25 security flaws in OS X

Joris Evers CNET News.com

Published: 20 Apr 2007 10:20 BST

Apple on Thursday issued a security update for Mac OS X that addresses 25 security flaws in the operating system software.

The security update affects various parts of the operating system, including some third-party components such as the Kerberos authentication technology. The most serious of the vulnerabilities could allow an attacker to gain complete control over an unpatched Mac, Apple said in a security advisory.

The update deals with another trio of zero-day bugs that were disclosed as part of the Month of Apple Bugs in January. Apple has quashed many bugs detailed during the Month of Apple Bugs and Month of Kernel Bugs projects in previous patch releases.

While several of the vulnerabilities repaired by Apple's updates were previously known, it doesn't appear that any attacks exploiting the flaws actually occurred.

Apple's patch release comes just as hackers at the CanSecWest security conference in Vancouver, BC, are being challenged to break into two MacBooks. A successful hack wins the hacker the MacBook and a $10,000 bounty, according to show organisers. The contest and conference ends on Friday.

Apple has released a Mac OS X security update each month this year. In March, the company released an update to fix 45 bugs in the operating system. Apple doesn't have a set patch schedule. Last year, the company released two Mac OS X updates in the first four months of the year.

The latest update is available through the Software Update feature in Mac OS X and from Apple Downloads.