Apple issues security updates for Leopard OSAfter the release last week of its new Snow Leopard snow leopard or ounce Endangered species ( Uncia uncia;) of nocturnal long-haired cat that inhabits the high mountains of Central Asia and India. It is about 6 ft (1.8 m) long, including the 3-ft (1-m) tail, stands about 2 ft (0. operating system operating system (OS) Software that controls the operation of a computer, directs the input and output of data, keeps track of files, and controls the processing of computer programs. , Apple has issued a security update for the Java component in its Leopard OS, Mac OS X 10.5.The update, released Thursday, addresses problems in the Apple version of Java that could let applets obtain elevated privileges, cause application termination or result in arbitrary code In computer security, arbitrary code is executable code introduced externally that runs despite the intent of the original programmer. The code is injected into a currently-running application or its memory space, thus making the application execute the code. execution, according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. Apple's advisory.In one of the vulnerabilities, “A stack buffer overflow This article is about the specifics of stack-based buffer overflows. For buffer overflows more generally, see Buffer overflow. In software, a stack buffer overflow exists in Java Web Start A mechanism from Sun for delivering full-blown Java applications from a Web server. The programs are initially downloaded using the browser, but run outside of the browser. Contrast with Java applets, which require an open browser window to stay active. command launcher. Launching a maliciously crafted Java Web Start application may lead to an unexpected application termination or arbitrary code execution,” the advisory said. “This update addresses the issue through improved bounds checking.”The update doesn't affect Snow Leopard, Mac OS X 10.6, which already has the same level of Java updates installed, according to the advisory. But Snow Leopard reportedly suffers from an unrelated security issue. “It seems that Apple is shipping an outdated, even dangerous version of [the Adobe] Flash Player,” Peter James, an Intego spokesman, wrote in a post on the Intego Mac Security Blog. The problem shows up for Snow Leopard users that had previously upgraded to the newest version of the Flash player.“If you had upgraded to Flash version 10.0.32.18 prior to installing the new OS, you ended up with Flash version 10.0.23.1 afterward. Leaving you vulnerable,” wrote Adrien de Beaupré, a handler with the SANS Internet Storm Center. Users can update to the latest version of Flash at the Flash Player Download Center. 
|
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion