Apple fixes Flash snafu in Snow Leopard and 33 bugs in Leopard

From InfoWorld: Less than two weeks after Apple launched Snow Leopard, the company today issued the new operating system's first security update. In a separate upgrade, Apple patched 33 vulnerabilities in 2007's Leopard, and about half as many in the even older Tiger.

Today's updates were the third and fourth from Apple in the last two days. Wednesday, Apple delivered security fixes for the iPhone and iPod Touch, as well as another upgrade for its QuickTime media player.

"It's another sneak attack," said Andrew Storms, director of security operations at nCircle Network Security, referring to the string of updates. "Actually, it's almost what we've come to expect from Apple," he added. Unlike rival OS maker Microsoft, which releases most of its security upgrades on a pre-set monthly schedule, Apple ships its patches whenever they're ready to go out the door. The Snow Leopard 10.6.1 update's security content consisted solely of an upgrade for Adobe's Flash Player, which was bumped to the up-to-date version 10.0.32.18.

Users and security researchers had taken Apple to task for not only shipping Snow Leopard with an outdated and vulnerable version of Flash Player, but also for silently "downgrading" once-secure editions when Macs were updated to the new operating system.

View: Article @ Source Site