Security & Privacy

Apple has released Security Update 2010-001 which patches a dozen flaws in Mac OS X including some critical issues. Available for both Mac OS X 10.5 and 10.6, this update notably fixes Flash Player flaws that Adobe patched last December. (We wrote about the Flash Player update when Adobe released it, advising users to update Flash Player on their own. This new Apple security update patches Flash Player to the same version as that released last December.)

Other fixes in this update prevent such things as arbitrary code execution that may occur when viewing TIFF and RAW images, or when listening to MP4 (AAC) audio files, and a denial-of-service issue with cupsd, the printing daemon in Mac OS X. The music and photo flaws are of the kind that can potentially be used to run code on a Mac that simply visits a booby-trapped website.

Users can apply the update via Software Update, or can download updaters from Apple’s Downloads page. The updater is 22 MB for Snow Leopard and 160 MB for Leopard.