Apple Patches Security Holes In OS X Leopard
The latest Apple updates pack comes to patch up 21 security holes in the company's latest operating system.
December 16, 2008
The worst threat in the pack was located in Libsystem and would've allowed arbitrary code execution. Additional vulnerabilities have been identified and are now fixed in Adobe Flash, BOM, (Bill of Materials), CoreGraphics, Podcast Producerand various other software.
Another rather dangerous flaw had been patch in Apple's Safari browser. The unpatched version allows hackers to steal cookies used to authenticate on a sensitive website, such as the site of a bank. Apple's advisory reads:
"Safari allows web sites to set cookies for country-specific top-level domains, which may allow a remote attacker to perform a session fixation attack and hijack a user's credentials. This update addresses the issue by performing additional validation of domain names."
The complete patch up facts sheet is available right here.