Security 2010-005 released

Security Update Box

Apple has released the Security Update 2010-005 for Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4, Mac OS X Server v10.6.4. This update improves the security of Mac OS X. ATS, CFNetwork, ClamAV, CoreGraphics, libsecurity, PHP, Samba components are mentioned. Of interest is the the description of CoreGraphics:

A heap buffer overflow exists in CoreGraphics' handling of PDF files. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to Rodrigo Rubira Branco from the Check Point Vulnerability Discovery Team (VDT) for reporting this issue.

For details about this security update, please refer to About Security Update 2010-005 page.

Security Update 2010-005 can be downloaded from Apple Software Update under Apple menu or from Apple's Support Download site.

Join our discussion - Seucrity Update 2010-005 addresses PDF exploit at SillyDog701 Message Centre

Posted by Antony at August 25, 2010 10:33 AM

>> more MacCentre701 August 2010 reports.