Severity: High
11 February, 2008
Summary:
- These vulnerabilities affect: OS X 10.4.11(Tiger) and OS X 10.5.x (Leopard), both client and server versions
- How an attacker exploits them: Multiple vectors of attack, including enticing one of your users into visiting a malicious web site
- Impact: Various results. In the worst case, attacker executes code on your user’s computer, with your users privileges
- What to do: OS X 10.4.11 users should install Security Update 2008-001. OS X 10.5.x users should install version 10.5.2
Exposure:
Today, Apple released a security update fixing over 11 security issues in software packages that ship as part of OS X, including Mail, Launch Services, and Samba. Many of these vulnerabilities allow attackers to execute any code they choose on your OS X machines, so we rate this update Critical. Apply it as soon as you can. Some of the fixed vulnerabilities include: