Apple has released its fifth security update of the year, covering 25 vulnerabilities in 20 Mac OS X components.
Fifteen of the vulnerabilities could allow an attacker to execute malicious code, but no working exploits have been reported for any of the attacks so far.
Three of the remote code execution vulnerabilities lie within Kerberos, a network security component developed by MIT. Apple credits the MIT Media Lab with reporting all three vulnerabilities.
Other fixes were for the Libinfo component and the LoginWindow software, which contained two flaws allowing users to bypass the authentication screen.
Apple's iChat video chat component received a fix for a vulnerability that could allow an attacker to remotely execute code on a user's system through a malformed video chat request.
The update also addresses a vulnerability in AirPort which could allow remote execution in several legacy systems. None of Apple's latest Mac Pro, iMac or MacBook systems is affected by the flaw.
The vulnerability is also unrelated to the pair of flaws patched earlier this month in the 802.11n AirPort systems.
The update is the second largest Apple has issued this year. The company released a security update last month containing 30 patches in 22 applications.
Apple update fixes 25 flaws
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Now is the time for the channel to push the hardware refresh
Building higher tier service offerings with cost-effective, proactive monitoring
AI PCs shift from hype to revenue opportunity for partners
Promoted Content
Kris Manché, Panel Expert at Index Brisbane
Expanding Opportunities for Microsoft Partners with Dicker Data’s Solution ConX Marketplace




