#Java update for mac 10.5.8 mac os x#
Most of the bugs were specific to Leopard the older Mac OS X 10.4, aka Tiger, only harbored seven vulnerabilities. Unlike other vendors, such as Microsoft and Oracle, Apple does not assign a threat ranking to the bugs it discloses. More than half of the vulnerabilities - 10 of the 18 - were labeled with Apple's "arbitrary code execution" phrase, meaning the flaws are critical and could be exploited to compromise a Mac. "This one's important only because MobileMe is such a big application for Apple," argued Storms. A person with access to the local user account may continue to access any other system associated with the MobileMe account which had previously been signed in for that local account." "Signing out of the preference pane does not delete all credentials. "A logic issue exists in the MobileMe preference pane," Apple said in the advisory. Storms also called attention to the MobileMe vulnerability, which, although not serious, could be used by unscrupulous friends or co-workers to access someone's account. And with the exception of one vulnerability in the "bzip2" open-source data-compressor, all of today's bugs were within Apple's own code. Two of the bugs Apple called out in its advisory affect Safari, but the flaws are not actually found in the browser. "Usually, we see a lot of Safari or WebKit vulnerabilities, or bugs in a lot of third-party components," he said. Storms saw other oddities this time around.
0 kommentar(er)
