Apple issues Security Update 2007-005; Now averaging 1 security update a month
Apple today released a 32 MB security patch (its 5th this year) bringing its average for the year to one Secuirty Update a month.
The 2 main vulnerabilities patched in this update both dealt with exploiting a UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) vulnerability to gain access to a user’s computer and possibly launch a denial of service attack or execute arbitrary code.
From Software Update:
Security Update 2007-005 is recommended for all users and improves the security of the following components:
bind
CarbonCore
CoreGraphics
crontabs
fetchmail
file
iChat
mDNSResponder
PPP
ruby
screen
texinfo
VPN
Security Update 2007-004 has been incorporated into this security update.
For detailed information on this update, please visit this website: http://docs.info.apple.com/article.html?artnum=61798