Apple's security team kicked off the year yesterday with an update to fix 12 vulnerabilities in the firm's Snow Leopard and Leopard operating systems, including seven Adobe Flash Player flaws.The relatively small patch will come as a relief to security administrators, who faced a record Apple security update last November which addressed nearly 60 vulnerabilities.Contained in the security advisory this time are warnings of multiple flaws in the Adobe Flash Player plug-in, the most serious of which "may lead to arbitrary code execution when viewing a maliciously crafted web site". This flaw could enable a hacker to take control of a compromised PC.Also featured was a fix for a man-in-the-middle vulnerability in the SSL and TLS protocols. "An attacker with a privileged network position may capture data or change the operations performed in sessions protected by SSL," read the advisory.Nine of the 12 flaws may lead to "arbitrary code execution", according to Apple. Although the company does not categorise the severity of its vulnerabilities, unlike Oracle for example, this kind of flaw is likely to be regarded as 'critical' by security administrators.
Issue: 315 | May 2013
Access CRN's extensive online resources including; email bulletins, community discussions and unique online news.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can log on to the CRN website or start posting comments on articles.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain '@crn.com.au' to your white-listed senders.