Apple Releases Security Updates For OSes

Apple Inc., the company behind the iPad tablet device, has dished out its Security Update 2010-003 for a single vulnerability affecting its Mac OS X Server 10.5, Mac OS X 10.5, Mac OS X 10.6 and Mac OS X Server 10.6 operating systems.

According the support document released by the Cupertino company, the security update fixes a vulnerability that might lead to arbitrary code execution from viewing or downloading files embedded with a 'maliciously crafted font.'

Interestingly, the company, which just came out with its iAd mobile advertisement platform, credited the discovery of the vulnerability to security researcher Charlie Miller, who has been winning the Pwn2Own hacking competition three years in a row.

Miller, who has a knack for finding flaws in the seemingly impregnable Mac OSX armour, had also discovered a highly critical iPhone SMS vulnerability, which could be used to run an unassigned code on the smartphone (ed : the guys at Cupertino should offer him a full time job).

The Security Update 2010-003 released by Apple for the the Snow Leopard OS is sized at 6.5 MB and supports Mac OS X 10.6.3 or later. Meanwhile the update for the Leopard client and server version requires Mac OS X 10.5.8 and Mac OS X Server 10.5.8 respectively.