Apple will fix security flaws in Jaguar

Apple Computer Inc. said in a statement given to MacCentral on Friday that the company would be fixing security flaws uncovered in Mac OS X Jaguar by Cambridge, MA-based security research firm @Stake earlier this week.

Some have speculated that Apple would not update the older Jaguar operating system since the release of Mac OS X Panther on October 24, 2003, but Apple has put that speculation to rest.

"Apple's policy is to quickly address significant vulnerabilities in past releases of Mac OS X wherever feasible," Apple said in a statement given to MacCentral. "The shipment of Panther does not change this policy. Apple has an excellent track record of working with CERT and the open source community to proactively identify and correct potential vulnerabilities."

Panther, Apple's latest operating system, was not affected by the security issues outlined by @Stake -- the flaws only affect Mac OS X 10.2.8 and lower.

The three advisories are Long argv[] Buffer Overflow; Systemic Insecure File Permissions; and Arbitrary File Overwrite via Core Files. @Stake lists the severity of the advisories as being "high." More information on each of the reported security issues are available in our earlier coverage.

This story, "Apple will fix security flaws in Jaguar" was originally published by PCWorld.

  
Shop Tech Products at Amazon