0
The megapatch is the seventh Apple security patch release in three months. It deals with vulnerabilities in Apple's own software, as well as third-party components such as Adobe Systems' Flash Player, OpenSSH and MySQL. Sixteen of the vulnerabilities addressed by the update were previously released as part of two high-profile bug-hunting campaigns.
The vulnerabilities pose varying risks to Macs. Several of the flaws could be exploited to gain full control over a Mac running the vulnerable component, according to Apple's advisory. Other holes are limited and could only be exploited to crash a Mac or used by somebody who already has access to a machine to elevate privileges, for example.
One focus of the patch is to fix eight vulnerabilities in the way Mac OS X handles disk images, files that when opened appear as a drive within the Macintosh Finder. Mounting a malicious image may lead to an error and could provide a means for an attacker to breach a Mac, Apple said.
CNet
45??
