Apple Releases Security Update for Tiger & Panther

Apple Computer released Security Update 2005-008 for both Tiger (Mac OS X 10.4.2) and Panther (Mac OS X 10.3.9). The update addresses several different security issues, including the following components:

  • ImageIO
  • LibSystem
  • Mail
  • QuickDraw
  • Ruby
  • SecurityAgent
  • securityd

The ImageIO and QuickDraw updates keep "maliciously crafted" images from being able to execute code. The update addresses two issues that may have exposed the contents of encrypted messages or "sensitive information." Three issues were corrected that could have allowed a user to gain root access to a machine.

The Safari update keeps maliciously crafted web archives from potentially being able to allow cross-site scripting. The last issue, a problem with SecurityAgent fixed a problem where a user with physical access to the system could have been able to bypass the "Require password to wake this computer from sleep or screen saver" setting.

You can find additional details on all of those component updates in the Knowledge Base article for the release.

Security Update 2005-008 is a 4.5 MB download for Tiger, and a 7.1 MB update for Panther. It can be downloaded through Software Update on your Mac, or through the Apple Downloads page.