Apple has released 17 fixes for holes in its OSX security software.
Only a third of the bugs could lead to hackers injecting their own code into a compromised system and eight of the 17 could lead to denial of service attacks or crashes.
Among the serious bugs is one in how Tiger handles PDF files. "By enticing a user to open a maliciously crafted PDF file, an attacker could trigger the overflow which may lead to an unexpected application termination or arbitrary code execution," Apple's advisory says.
Windows users are used to seeing this sort of attack, but it is clear that the same sort of bug effects Apple users too.
Another flaw fixed today exists in the code that maps ports on home networks in iChat, Apple's instant messaging service and software.
More here.