Apple Releases Mac OS X Security Update 2010-005 - Fixes OS X PDF Exploit

Apple has released a Security Update today for Mac OS X Server 10.5, Mac OS X 10.5.8, Mac OS X Server 10.6, Mac OS X 10.6.4 which addresses issues in the following software:

CFNetwork, ClamAV, CoreGraphics, libsecurity, PHP, Samba

Full changes are detailed on Apple's support site.

Most notably, the patch addresses a Core Graphics PDF exploit which apparently is the same security hole that was used in the JailbreakMe website for iOS.Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution

Description: A heap buffer overflow exists in CoreGraphics' handling of PDF files. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to Rodrigo Rubira Branco from the Check Point Vulnerability Discovery Team (VDT) for reporting this issue.The update is recommended for all Mac OS X customers.

Popular Stories

Google Assistant

Google I/O 2016: Assistant, Home, Allo, Duo, Android N, and More

Wednesday May 18, 2016 11:51 am PDT by
Google hosted its annual I/O developers keynote at the Shoreline Amphitheatre in Mountain View, California today, announcing multiple new products and services related to Android, search, messaging, home automation, and more. Google Assistant Google Assistant is described as a "conversational assistant" that builds upon Google Now based on two-way dialog. The tool can be used, for example,...