Apple fixes 17 Mac OS X flaws, fifth time in 2007
InfoWorld | at | by Mike
Apple on Thursday unveiled the year's fifth major security update for Mac OS X to patch 17 vulnerabilities, but fewer than one-third of them could lead to hackers injecting their own code into a compromised system.
Thursday's release also marked the first time this year that an operating system security update from Apple did not patch a vulnerability disclosed by the January Month of Apple Bugs project.
If Apple sorted bugs by a ranking system -- as do other vendors, including Microsoft -- most of the bugs fixed by Security Update 2007-005 would be rated less than critical. In eight out of the 17, for example, exploits could do no more damage than to generate a denial of service of, or crash, the affected component. Microsoft typically pegs such vulnerabilities as "important" rather than "critical." Only five of the patched vulnerabilities could result in an attacker executing his own code.