{"id":1326,"date":"2004-09-07T00:00:00","date_gmt":"2004-09-07T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2004\/09\/07\/apple-fixes-15-flaws-in-mac-os-x\/"},"modified":"2021-12-30T11:39:10","modified_gmt":"2021-12-30T11:39:10","slug":"apple-fixes-15-flaws-in-mac-os-x","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2004\/09\/07\/apple-fixes-15-flaws-in-mac-os-x\/","title":{"rendered":"Apple fixes 15 flaws in Mac OS X"},"content":{"rendered":"

Apple Computer released an update to its Mac OS X operating system to fix 15 security issues in the software.<\/p>\n","protected":false},"excerpt":{"rendered":"

Many of the problems are flaws in the operating system’s underlying open-source software, including a critical flaw in the Kerberos authentication system–software that can act as a gatekeeper for computer networks.<\/p>\n

The patch is available for Mac OS X 10.3.5 and Mac OS X 10.3.4, and also fixes issues in Mac OS X 10.2, known as “Jaguar.”<\/p>\n

“All security enhancements…are also available for Jaguar, if the issue could occur on Jaguar systems,” a security advisory from the company said. The patch fixes software flaws that could enable an attacker to crash or freeze the Apache 2 Web server, run software by utilizing Apple’s Safari Web browser or expose the password store used by the network.<\/p>\n

Security information provider Secunia ranked the Kerberos threat as “highly critical,” its second-highest danger rating.<\/p>\n

Apple has pointed to open-source software as a source of security for the company’s operating system. While open-source projects tend to release patches as soon as possible, Apple and other companies have moved to more occasional releases of collections of patches.<\/p>\n

Apple’s advisory, with details of the update, is available on the company’s Web site.<\/p>\n

http:\/\/news.com.com\/Apple+fixes+15+flaws+in+Mac+OS+X\/2100-1002_3-5350010.html?tag=nefd.top<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-1326","post","type-post","status-publish","format-standard","hentry","category-product"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1326","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1326"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1326\/revisions"}],"predecessor-version":[{"id":3813,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1326\/revisions\/3813"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1326"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1326"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1326"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}