Apple fixes Mac OS X and Safari browser flaws

Apple has updated both Mac OS X and Safari, fixing a multitude of vulnerabilities.

The security update (version 10.5.8) for Mac OS X comes only a week after the last one, and fixes a flaw which would have allowed a hacker to interrupt the BIND service by sending a "maliciously crafted update message" to the BIND DNS server.

It would allow a remote attacker to cause the "DNS Server to unexpectedly terminate", which Kaspersky security evangelist Ryan Naraine claimed could lead to a denial of service attack.

The other patch is an update to Apple's Safari browser that fixes six vulnerabilities in the security content of Safari 4.

Flaws that the 4.0.3 patch fix include a problem with Safari's Top Sites view and three vulnerabilities in its open source browser WebKit. It also fixed issues with CoreGraphics and Image IO.

Does Apple need to be more open over its security policies? Find out here.