Unpatched Mac flaws may put users at risk

Apple Computer is investigating several unpatched and potentially serious security flaws in Mac OS X that have been publicly disclosed, the company said Friday.

Tom Ferris, a security researcher in Mission Viejo, Calif., published late on Thursday information on seven flaws in Apple’s operating system that potentially put Mac users at risk of a cyberattack. The most serious of the flaws could let attackers surreptitiously run malicious code on users’ PCs, Ferris said in an interview via instant messaging.

“We’re in the process of investigating and addressing them,” Bud Tribble, Apple’s vice president of software technology, told CNET News.com. “I think it is important to note that although these are potential vulnerabilities, there are no known exploits to them and they are not affecting customers today.”

Five of the flaws identified by Ferris relate to how Mac OS handles various image file formats–including BMP, TIFF and GIF, according to his security advisories. Another flaw involves the way OS X decompresses Zip archives. Additionally, Ferris claims to have found several bugs in Apple’s Safari browser.

Full article: CNET News.com