Apple has released a small security update for Mac OS X 10.5.8, Mac OS X Server 10.5.8, Mac OS X 10.6.3, and Mac OS X Server 10.6.3.
The new release plugs the following security hole:
“Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. Description: An unchecked index issue exists in Apple Type Services’ handling of embedded fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. This issue is addressed through improved index checking.”
The new release is available through Software Update or via the following download pages:
- Security Update 2010-003 (Snow Leopard) [Mac OS X 10.6.x]
- Security Update 2010-003 (Leopard-Client) [Mac OS X 10.5.x]
- Security Update 2010-003 (Leopard-Server) [Mac OS X Server 10.5.x]
Feedback? info@appletoolbox.com.