Apple released a massive security update on Tuesday that patched at least 80 vulnerabilities in its Tiger and Leopard operating systems, many of which were critical.

The massive patch batch amounts to a download of more than 105MB, and that doesn't include a separate 25MB file that installs version 3.1 of Apple's Safari browser. Mac users who haven't already been prompted to install the updates should apply them manually by opening the OS X system preferences and choosing Software Update.

The updates address bugs in both desktop and server components, several of which allow attackers to remotely execute malicious code on a victim's machine. Vulnerable components include the Mac implementation of OpenSSH, Apache, CUPS, Kerberos and ClamAV. The Help Viewer and core networking features were also patched.

This is the biggest Apple patch fest in recent memory, eclipsing even last November's release of an update that fixed (http://www.theregister.co.uk/2007/11/15/behemoth_apple_patch_batch/) 54 security bugs. They come as Apple software and hardware continue to gain more market share. Apple's patch practice is in sharp contrast to Microsoft's more measured approach, in which a smaller number of updates are released each month. ®

Related stories

Firefox and Safari updates tackle alternative browser bugs (17 April 2008)
http://www.channelregister.co.uk/2008/04/17/alt_browser_updates/
ActiveX update stars in Patch Tuesday critical quintet (9 April 2008)
http://www.channelregister.co.uk/2008/04/09/april_patch_tuesday/
MS keeps admins busy with critical Vista patches (4 April 2008)
http://www.channelregister.co.uk/2008/04/04/ms_qt_opera_patch_summary/
Apple lags MS in security response (31 March 2008)
http://www.channelregister.co.uk/2008/03/31/apple_security_response_pants/
Apple grants Windows PCs the right to run Safari for Windows (27 March 2008)
http://www.channelregister.co.uk/2008/03/27/apple_updates_safari_eula/
Apple forbids Windows users from installing Safari for Windows (26 March 2008)
http://www.channelregister.co.uk/2008/03/26/apple_safari_eula_paradox/
Mozilla CEO blasts Apple for putting security of the internet at risk (24 March 2008)
http://www.channelregister.co.uk/2008/03/24/mozilla_and_the_apple_itunes_update/
Critical bugs bite Kerberos (20 March 2008)
http://www.channelregister.co.uk/2008/03/20/kerberos_vulns/
Sadville insecurity invites pickpockets (15 February 2008)
http://www.theregister.co.uk/2008/02/15/second_life_hack/
Apple on the lookout for one million unlocked iPhones (29 January 2008)
http://www.theregister.co.uk/2008/01/29/1m_unlocked_iphones/
Apple keeps critical security fixes to itself (15 December 2007)
http://www.theregister.co.uk/2007/12/15/apple_security_fixes/
Microsoft delays reduced, Dell goes to the High Street and all is well with AMD (14 December 2007)
http://www.theregister.co.uk/2007/12/14/regweekly_14dec/
Software maker releases the hounds on security vuln reporter (6 December 2007)
http://www.channelregister.co.uk/2007/12/06/autonomy_secunia_dust_up/
QuickTime streaming media exploit targets unpatched bug (26 November 2007)
http://www.channelregister.co.uk/2007/11/26/quicktime_exploit/
Apple's Leopard leaps into action (30 October 2007)
http://www.channelregister.co.uk/2007/10/30/apple_leopard_sales_figures/
Apple patches critical iTunes bug (7 September 2007)
http://www.channelregister.co.uk/2007/09/07/itunes_bug_patched/