The H-Security: Apple has released Mac OS X 10.7.3 and, for Mac OS X 10.6.8 Snow Leopard users who have yet to upgrade to Lion, Security Update 2012-001; these maintenance and security updates addresses a number of vulnerabilities in the company’s desktop and server operating systems. According to Apple, the updates close more than 50 holes, many of which could be exploited by an attacker to, for example, remotely execute arbitrary code on a victim’s system, gain access to private information or cause a denial-of-service (DoS).
The Client and Server updates fix issues in Address Book, ColorSync, CoreAudio, CoreMedia, CoreText, CoreUI, OpenGL, Internet Sharing, ImageIO, and in the QuickTime media player and various libraries used by Mac OS X. Other problems addressed include vulnerabilities in Apache, the libpng reference library, the PHP scripting language, Subversion and X11. Security Update 2012-001 also corrects problems in Tomcat and SquirrelMail.
Non-security related changes in the 10.7.3 update include a new version of the Safari web browser (5.1.3) and support for additional languages. Issues when using smart cards to log in, in Windows file sharing, and Wi-Fi connection problems when waking from sleep have also been fixed. Support for the camera RAW formats used by eleven additional digital cameras such as the Canon PowerShot S100, Nikon 1 J1 and Sony Alpha NEX-5N has also been added.
Further information about the updates can be found on the Mac OS X 10.7.3 support page and in the security advisory from Apple. Users can download Mac OS X Lion 10.7.3 (Client Standard Update 997.01 MB, Client Combo Update 1.2 GB, Server Standard Update 1 GB, Server Combo Update 1.34 GB) and Security Update 2012-001 (Client 192.73 MB, Server 212.09 MB) from Apple’s Support Downloads page. Alternatively, Mac OS X users can upgrade to the latest releases using the built-in Software Update function. All users are advised to upgrade as soon as possible.