Apple unleashes monster patch batch on Mac faithful

By Dan Goodin in San Francisco → More by this author

19 Mar 2008 00:19

105MB of justice

Apple released a massive security update on Tuesday that patched at least 80 vulnerabilities in its Tiger and Leopard operating systems, many of which were critical.

The massive patch batch amounts to a download of more than 105MB, and that doesn't include a separate 25MB file that installs version 3.1 of Apple's Safari browser. Mac users who haven't already been prompted to install the updates should apply them manually by opening the OS X system preferences and choosing Software Update.

The updates address bugs in both desktop and server components, several of which allow attackers to remotely execute malicious code on a victim's machine. Vulnerable components include the Mac implementation of OpenSSH, Apache, CUPS, Kerberos and ClamAV. The Help Viewer and core networking features were also patched.

This is the biggest Apple patch fest in recent memory, eclipsing even last November's release of an update that fixed 54 security bugs. They come as Apple software and hardware continue to gain more market share. Apple's patch practice is in sharp contrast to Microsoft's more measured approach, in which a smaller number of updates are released each month. ®

54 comments posted — Comment period finished