Apple Mac Products Affected by Multiple Vulnerabilities

• Apple Mac OS X version 10.3.9 (Panther) and version 10.4.7 (Tiger)
• Apple Safari web browser
• Apple Mail

Previous versions of Mac OS X may also be affected.

Mac OS X, Safari web browser, Mail, and other products are affected by multiple vulnerabilites. Apple has released Security Update 2006-004
to address these vulnerabilities, the most serious of which may allow a remote attacker to place and run malicious code on your computer.

Solution

Install an Update

Install Apple Security Update 2006-004 through Apple Update.

Disable "Open 'safe' files after downloading"

For additional protection, disable the option to "Open 'safe' files after downloading," as specified in "Securing Your Web Browser."

Mac OS X, Safari web browser, Mail, and other products are affected by multiple vulnerabilities. Some of these vulnerabilities could allow an
attacker to run malicious programs on your computer.

For more technical information, see US-CERT Technical Alert TA06-214A.

References

• US-CERT Technical Cyber Security Alert TA06-214A - <http://www.us-cert.gov/cas/techalerts/TA06-214A.html>
• Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/#Safari>
• Apple Security Update 2006-004 - <hhttp://docs.info.apple.com/article.html?artnum=304063>
• Vulnerability Notes for Apple Security Update 2006-004 - <http://www.kb.cert.org/vuls/byid?searchview&query=apple-2006-004>
• Mac OS X: Updating your software - <http://docs.info.apple.com/article.html?artnum=106704>

.

Revision History

• August 2, 2006: Initial release
  
  October 2, 2006: Corrected mistaken link to Technical Alert