Apple OS X vulnerabilities – Snow Leopard patches more security holes

OS X patch 10.6.7Today saw the release of OS X version 10.6.7. This is the latest update to ‘Snow Leopard’, the current version of Apple’s operating system for Mac computers.

Looking at Apple’s announcement, this release doesn’t provide anything quite as significant as version 10.6.6, which brought us the App Store. However, it does patch a number of potential security holes and upgrades the Safari to version 5.0.4 – fixing over 60 vulnerabilities in the web browser.

The most serious of the patched vulnerabilities seem to have been in image and font rendering subsystems and also in QuickTime media viewing. All of these components are shared and could impact a number of applications including iTunes and Safari. They allow downloaded content to inject code or crash your system.

There are also a bunch of security updates to open source system tools like Apache, Clam AV and bzip2.

Security patches are also available for older versions of OS X 10.6 and OS X 10.5.8.

Aside from the security content, the update seems to focus on improving the App Store, Windows file sharing and the Back to My Mac remote connectivity system.

If you have recently bought one of the latest MacBook Pro models there’s an additional update that fixes image rendering bugs that can cause display freezing and flickering.

Make sure you apply the update as soon as possible. And while you’re waiting for it to download, read my colleague Ben’s excellent mini-series on securing Mac OS X, covering simple physical, user and hardware security measures that can help keep you safe from a whole range of threats.

And, whilst you’re about it, why not take advantage of our award-winning free version of Sophos Anti-Virus for Mac for home users? (No fee, no registration, and no expiry.)

DownloadFree Anti-Virus for Mac
Download Sophos Anti-Virus for Mac Home Edition