Apple Patches 25 Mac OS Security Flaws

Apple has patched 25 security vulnerabilities, more than half of which involved open-source code, in its Tiger (10.4) and Leopard (10.5) operating systems.Eleven of the flaws addressed by Security Update 2.008-004 (downloadable from Apple's Web site) were deemed critical, having to do with arbitrary code execution. Affected open-source components include Ruby, an object-oriented open-source scripting language, and Apache Tomcat, which provides a server environment for running Java. Other bugs have to do with bypassing the password requirement in Leopard's Dock and a vulnerability in how WebKit handles JavaScript that could enable hackers to take over a Mac.

Apple also updated Safari for the Mac to plug a hole already fixed in the Windows version of the browser and released an update to bring the operating system to Version 10.5.4.Macworld, Computerworld