Critical Mac OS X update patches security holes

Filed Under: Apple, Malware

As Chet has described on his blog, Apple yesterday issued a major update to Mac OS X which fixes a number of security vulnerabilities. Many of the security holes could, if left unpatched, allow hackers to run malicious code and hijack your Apple Mac.

Mac OS X 10.6.3 download

The update to version 10.6.3 of Mac OS X Snow Leopard also includes a number of "stability and compatibility" updates for users.

More information about the products affected by the Apple security vulnerabilities can be found on Apple's website.

Don't be one of those Apple users who keep their head in the sands about security, and ensure that your keep your computer patched.

It's true to say that there are many more attacks targeted at Windows users than Mac OS X users, but that doesn't mean that Apple fans are completely ignored by the hacking community.

Just look at last week's Pwn2Own competition at the CanSecWest security show, where Charlie Miller won $10,000 by hacking Safari running on Mac OS X. Miller was able to exploit Apple's default browser and compromise the Apple Mac after visiting a website hosting malicious code. (The vulnerabilities exploited by Miller are not mentioned in Apple's security advisory, so we have to assume that they are not patched with this update).

Of course, if you are responsible for rolling out patches such as this one to a large number of computers it would be wise to test it out on a select number first - just in case there are any compatibility issues.

Mac users can update their computers via the regular Software Update process, or download a patch directly from Apple Downloads.

It's a busy time for system administrators in charge of multiple operating systems - later today Microsoft is due to release an emergency patch for some versions of Internet Explorer.

You might like

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.