It’s time for users of Mac OS X Leopard and Snow Leopard to get their Software Update engines ready. Apple on Tuesday released Security Update 2010-005, which is recommended for all users.
Detailed in Apple’s support document, this update contains a variety of fixes for both the client and server versions of Mac OS X 10.5 Leopard and 10.6 Snow Leopard. Among the vulnerabilities squashed in the patch include one where maliciously crafted fonts that could be embedded in documents, a potential man-in-the-middle data interception attack, possible code execution due to maliciously crafted PDF documents, vulnerabilities in the ClamAV antivirus program, a weakness in the Samba system that could allow denial of service attacks, and a number of security holes in Mac OS X’s pre-installed version of PHP.
The updates are available now in Software Update for all affected versions of Leopard and Snow Leopard or from Apple’s support downloads site. Download sizes range from 80MB to 418MB, depending on which client or server version of Mac OS X they are designed for.