Apple has released a security update that repairs 26 vulnerabilities in its OS X operating system and bundled applications.
Of the patched security holes, 17 could expose the user to an arbitrary code execution.
Four of the remaining vulnerabilities could lead to disclosure of confidential information, two could cause an application to crash. A local user in three cases could exploit a flaw to gain additional user rights.
Apple doesn't provide severity ratings for the security holes it discloses in its software. Some of the arbitrary code execution flaws would generally be considered the most severe vulnerabilities because an attacker can exploit them without any user interaction.
The update, for instance, repairs four arbitrary code execution vulnerabilities in the way that OS X handles images in the GIF, RAW or Radiance formats. An attacker could exploit those by placing a specially crafted image on a website or send it as an email attachment.
Users can obtain the patch through the software update feature in OS X or download the patch from Apple's website.
News source:
ieXbeta
Full story:
View Here