[ad_1]
Apple released a Mac OS X security update today that fixes a critical PDF vulnerability and a handful of other security issues.
Security Update 2010-005 provides a fix that resolves the "buffer overflow" that exists in CoreGraphics and the way it handles PDF files. This vulnerability could have allowed the "unexpected end of the application of arbitrary code execution by an application" via a malformed PDF file.
It's worth noting that this looks like the exploit used by hackers to jailbreak iOS 4 on the iPhone. It is possible that it is the same thing because it is said that the two operating systems share the same code base. However, nothing indicates that this is true in the Apple support document. Apple has released the update for the iPhone, iOS 4.0.2, a few weeks ago.
This update also fixes a "stack buffer overflow" that would allow the execution of arbitrary code via an ill-formed embedded font and the rest of the patches in the update resolve network security issues.
Full information on this update is available at support.apple.com/kb/HT4312.
Security Update 2010-005 is available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4, Mac OS X Server v10.6.4 via Software Update or Download direct.
[ad_2]
Source link
