From alerts@us-cert.gov Wed Aug 17 15:31:39 2005
From: US-CERT Alerts <alerts@us-cert.gov>
To: alerts@us-cert.gov
Date: Wed, 17 Aug 2005 15:12:16 -0400
Subject: US-CERT Cyber Security Alert SA05-229A -- Apple Mac OS X Multiple Vulnerabilities 


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                     National Cyber Alert System

                   Cyber Security Alert SA05-229A


Apple Mac OS X Multiple Vulnerabilities

   Original release date: August 17, 2005
   Last revised: --
   Source: US-CERT


Systems Affected

     * Apple Mac OS X version 10.3.9 (Panther)
     * Apple Mac OS X version 10.4.2 (Tiger)
     * Apple Safari web browser


Overview

     Apple has released Security Update 2005-007 to correct several
     vulnerabilities affecting Mac OS X and the Safari web browser.
     These vulnerabilities have a wide range of impacts, the most
     severe of which could allow an attacker to gain access to your
     computer.


Solution

  Install an Update

     Use the Mac OS X Software Update feature to download and install
     the updates. Consider scheduling Software Update to check for
     updates automatically (this option is enabled by default).

Description

     Apple Mac OS X has multiple vulnerabilities that could allow an
     attacker to run malicious programs on your computer. Installing
     the update from Apple will correct these vulnerabilities.

     For more technical information, see US-CERT Technical Alert
     TA05-229A and Apple Security Update 2005-007.


References

     * US-CERT Technical Cyber Security Alert TA05-229A -
       <http://www.us-cert.gov/cas/techalerts/TA05-229A.html>

     * Apple Security Update 2005-007 -
       <http://docs.info.apple.com/article.html?artnum=302163>

     * Mac OS X: Updating your software -
       <http://docs.info.apple.com/article.html?artnum=106704>


 ____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/alerts/SA05-229A.html>
 ____________________________________________________________________

   Feedback can be directed to US-CERT. Please send email to
   <cert@cert.org> with "SA05-229A Feedback VU#913820" in the subject.
 ____________________________________________________________________

   Mailing list information:

     <http://www.us-cert.gov/cas/>
 ____________________________________________________________________

   Produced 2005 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
 ____________________________________________________________________


Revision History

   August 17, 2005: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBQwOGiRhoSezw4YfQAQLmWgf+IM7BduQkKU1XUKiNUDcMCHnsV4YpdKuO
Je6fm2FQLfHjb5rOFs6140zuC1NbP5sJmT97O/kbgl4QGLprsoTUJh9QRrhR+EaF
H7QaxjWF1tBJKubN74PzbYqXL/d2vLj3TyvyOr3NliE/Uk+5Bl0R/mNH2PXDnOgT
phNLsc6b+XUc3hCUsj4mGXx/mtZQz/gHX6n0wl7JOqwGdPefk/bHoHrtJLpCHgAQ
YBgqqSrBZfsMr63rKzE9gaXpMG1bq57yqM2fsJlTDA43cNZHQVgEJgl3zDs19UYf
Z8ucCJBL09Vcq1q2RzddYblgbGF/2VTFstbppUIFZR5fvDQqtHwCuA==
=ctgk
-----END PGP SIGNATURE-----