Apple today released a security update for Mac OS X that fixes the same PDF-exploit found in iOS a few weeks ago. The update is available for all users who have the latest version of either Leopard or Snow Leopard installed.

Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution

Description: A stack buffer overlow exists in Apple Type Services’ handling of embedded fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. This issue is addressed through improved bounds checking.

About the Author

Mark Gurman's favorite gear