The update to Mac 10.4.11 - the last to Tiger, if Apple sticks with to tradition - also includes numerous non-security enhancements, many of them in performance, reliability and stability areas. Apple's Windows browser has been patched against cross-site scripting vulnerabilities several times since its June release. Several, however, are classified as cross-site scripting vulnerabilities, which are popular tools for identity thieves on the hunt for account usernames and passwords. Dubbed Safari Beta Update 3.0.4, the new browser plugs 10 holes, one of which could lead to code execution.
#DVD STUDIO PRO UPGRADE DOWNLOAD FOR WINDOWS#
Safari for Windows, which remains in beta testing, also got an Apple upgrade in a separate download for Windows XP and Windows Vista users. For example, the Safari browser WebKit, the open-source application framework used by Safari, Apple's Mail e-mail client, and other Web-centric software and WebCore, the part of WebKit that handles HTML rendering, represented more than a third of the fixes, 14 all told.Īpple has patched over 150 vulnerabilities in the eight security updates it has issued so far during 2007. Not surprisingly, Internet-related vulnerabilities accounted for a large number of the bugs. Web site since then, but this is the first time that Apple has bundled it with an operating system. A patched version of the plug-in has been available for manual download from the Adobe Systems Inc. Included in that category was a fix for a Flash Player plug-in vulnerability made public in mid-July.
It's good to see Apple put forth these fixes as many of these updates fix critical security flaws." "Typically, the third-party applications are open-source projects examples represented here include BIND, bzip, and Kerberos. "The majority of the bugs found in OS X and on the iPhone have dealt primarily with third-party applications shipped with Apple's operating systems," said Storms in an e-mail. Many of the vulnerabilities were in the third-party components included with Apple's operating system, noted Andrew Storms, nCircle's director of security operations.
0 kommentar(er)
