Apple corrects patch trouble

Apple Computer on Monday released the second set of Mac OS X security fixes in two weeks.

Security Update 2006-002 corrects problems caused by the company’s previous patch and fixes newly discovered security flaws, some of which could let an attacker run code on a computer with the same privileges as the user, the company said on its Web site.

“This Security Update includes some upgrades to our download validation mechanism and strengthens it,” Bud Tribble, Apple’s vice president of software technology, told CNET News.com. “We reduced the number of false positives it gives.”

Earlier this month Apple released a security update for its operating system to plug 20 holes. That update added download validation to the Safari Web browser, Apple Mail client and iChat instant-messaging tool. The function warns people that a download could be malicious when they click on the link.

However, download validation has been sounding the alarm on harmless files. “Security Update 2006-001 could cause the user to be warned when provided with certain safe file types, such as Word documents, and folders containing custom icons,” Apple said in its security alert. The new update fixes that problem, the company said.

Full story: ZDNet News