Apple on Tuesday released Mac OS X 10.5.7, an update for its operating system that improves application performance and stability, and also includes close to 70 security fixes.
The update, available through Apple's Software Update control panel or from its Downloads Web page, adds RAW image support for several digital cameras; improves video playback and cursor movement for recent Macs with Nvidia graphics; improves the reliability and accuracy of the Unit Converter, Stocks, Weather, and Movies widgets; addresses Gmail login issues and Yahoo contact sync issues; and improves Finder search results for network volumes, among other tweaks.
It also fixes several issues with Apple's iCal and Mail applications, as well as its Parental Controls control panel. And it resolves several printing issues.
Perhaps the most noteworthy aspect of the Mac OS X 10.5.7 patch is the fact that it contains 68 security fixes.
Though Andrew Storms, director of security operations for nCircle, notes that many of the vulnerabilities addressed are in open source software like BIND, PHP, and Ruby that Apple bundles with its system, he nonetheless questions the lingering perception that somehow Apple's software has fewer bugs than anyone else's.
"Who would have thought that OS X was so insecure?" he said in an e-mailed statement. "Nearly every component of Apple's OS and its applications are touched by security-related fixes in the latest massive update from Apple. This is a real wake-up call for everyone that has been touting the Mac OS as more secure than Windows."
While Storms may be correct in noting that Apple isn't possessed of some magical immunity to the human capacity for error that leads to software vulnerabilities, no less a source than Microsoft on Tuesday opted not to release a Mac version of its new PowerPoint patch because the exploit code it found targeted Windows machines but not Macs. The risk of an infected PowerPoint file to Mac users, it seems, just isn't as great as it is for users of Windows.
But Mac users shouldn't be complacent. More and more attacks target Web applications, making the underlying operating system less important.
No comments:
Post a Comment