Tuesday Apple annouced a new security update for OS X. The update, titled Security Update 2006-007, patches security holes in Apple’s own code as well as Third Party code that ships with the OS. All in all there are 22 fixes included in the update and over half of them, if left unpatched, could allow for whole system compromises.
One of the more notable fixes is for a vulnerability in the Airport driver that shipped on Mac’s from 1999-2003. Although a hacker would have to be on the same wireless network in order to mount an attack, the hacker could trigger a memory corruption flaw after sending a corrupt network packet to the target computer.
The remaining fixes include updates to the OS X security framework, protection from execution of compressed files, corrupt font files, and VPN server vulnerabilities.
