Apple Updates Security On Leopard, Tiger, And PantherApple Updates Security On Leopard, Tiger, And Panther

Apple has released a major security update to current and previous versions of its OS X operating system.

Apple on Wednesday released Mac OS X 10.4.11, a 70 Mbyte update for the Tiger version of its operating system that's available through Apple's Software Update program or as a standalone installer.

The update brings Apple's Safari browser to version 3.0, which previously was available to Apple customers who upgraded to Leopard or who sought out and downloaded the software.

It also adds RAW image decoding support for several cameras, including the Panasonic Lumix DMC-FZ50, the Leica V-Lux 1, the Olympus E-400, the Olympus EVOLT E410, the Olympus EVOLT E510, and the Canon EOS 40D.

And the update improves compatibility when using OpenType fonts in QuarkExpress, reliability when using VMware's Fusion, and synchronization between iPhone and Yahoo address books. It also addresses other issues.

Most significantly, the update fixes 41 vulnerabilities, many of which could allow a remote attacker to execute arbitrary -- ie: malicious -- code on the affected system.

The affected software includes the Adobe Flash Player Plug-in, AppleRAID, the Mach Kernel, the Safari Web browser, and other core system components.

Apple has made these fixes available to users of OS X 10.3.9 (Panther) in a separate download.

On Thursday, Apple released an update (10.5.1) for Mac OS X "Leopard," which debuted last month. It includes three fixes to the Application Firewall that could lead network services to be exposed.

Apple also released a security update (3.04) for Safari 3 Beta for Windows XP and Vista on Wednesday. The patch fixes a tabbed browsing flaw that could expose user credentials, several cross-site scripting vulnerabilities, and a buffer overflow bug, among other issues.