Apple Patches Security Hole in Mac OS X

Apple has released an update to Mac OS X patching a security hole that potentially allowed malicious code to be run via a Web page.

The hole, which was rated as “extremely critical” by security company Secunia, allowed an attacker to potentially execute any Unix command, including ones to erase the users home directory.

The company took the unusual step of issuing a statement announcing the fix, in contrast to its previous policy of refusing all comment on security issues.

“Apple takes security very seriously and works quickly to address potential threats as we learn of them—in this case, before there was any actual risk to our customers,” said Philip Schiller, Apple Computer Inc.s senior vice president of worldwide product marketing.

/zimages/4/28571.gifFor insights on the Mac in the enterprise, check out eWEEK.com Executive Editor Matthew Rothenbergs Weblog.

But according to some users, the company was notified of the problem in February and has yet to respond to the original notification.

/zimages/4/28571.gifClick hereto read about Apples plan to ease its pace for Mac OS X upgrades.

The fix is available via the Mac OS X Software Update System Preference, or it can be downloaded from Apples Web site.

/zimages/4/28571.gifCheck out eWEEK.coms Macintosh Center at http://macintosh.eweek.com for the latest news, reviews and analysis about Apple in the enterprise.

/zimages/4/77042.gif

Be sure to add our eWEEK.com Macintosh news feed to your RSS newsreader or My Yahoo page