Apple last week advised users to upgrade following the discovery that various versions of Mac OS X, Safari web browser, Apple Mail, and other products are affected by multiple security vulnerabilities. Users of Apple Mac OS X version 10.3.9 (Panther) and version 10.4.5 (Tiger) are confirmed to be at risk.

Older versions of Mac OS X might also be exposed to various security flaws, the most serious of which creates a means for hackers to load malicious code onto vulnerable computers. Although the flaws are not the current subject of hacking attacks, it still makes sense to upgrade.

Users who haven't had their OS software updated automatically through the Apple Update service are advised to apply security patches, as explained in an Apple's technical advisory here (http://docs.info.apple.com/article.html?artnum=303737). Security clearing house US CERT further advises (http://www.us-cert.gov/cas/alerts/SA06-132A.html) Safari fans to disable the "Open 'safe' files after downloading" option on their browser as an added precaution.

QuickTime aficionados - whether they use the popular media viewer software on Mac or Windows platforms - also needs to upgrade, again because of security flaws. Apple QuickTime 7.1 corrects several image and media file handling vulnerabilities that create a means for hackers to run hostile code on vulnerable systems.

Apple users are covered by Apple's Update service, but Windows users will need to apply a separate update, as explained in a US CERT advisory here (http://www.us-cert.gov/cas/alerts/SA06-132B.html) and (in more detail) by Secunia here (http://secunia.com/advisories/20069). ®

Related stories

Apple megapatch fixes multiple flaws (14 March 2007)
http://www.theregister.co.uk/2007/03/14/apple_megapatch/
Apple patches QuickTime bug (24 January 2007)
http://www.theregister.co.uk/2007/01/24/apple_patches_quicktime_bug/
Apple patches Tiger (28 June 2006)
http://www.reghardware.co.uk/2006/06/28/apple_updates_macosx/
Apple yanks key x86 Mac OS X open source code (17 May 2006)
http://www.theregister.co.uk/2006/05/17/apple_closes_key_x86_osx_code/
McAfee warns over Apple virus risk (9 May 2006)
http://www.theregister.co.uk/2006/05/09/mcafee_mac_security_risk/
Apple releases Mac OS X 10.4.6 update (4 April 2006)
http://www.reghardware.co.uk/2006/04/04/apple_updates_macosx/
Microsoft sets Apple straight on security (23 March 2006)
http://www.theregister.co.uk/2006/03/23/microsoft_apple_security/
Plug pulled on Mac hacking challenge (9 March 2006)
http://www.theregister.co.uk/2006/03/09/mac_hacking_challenge/
Apple update fixes 'critical' security bug (2 March 2006)
http://www.reghardware.co.uk/2006/03/02/apple_security_update/
Triple threat to Mac OS X largely academic (27 February 2006)
http://www.theregister.co.uk/2006/02/27/apple_security_threats_a_reality/
Unpatched Mac OS X hole poses critical risk (22 February 2006)
http://www.theregister.co.uk/2006/02/22/macosx_vuln/
Apple posts Mac OS X 10.4.5 update (15 February 2006)
http://www.reghardware.co.uk/2006/02/15/apple_macosx_10-4-5/
Apple's in the eye of flaw finders (8 February 2006)
http://www.theregister.co.uk/2006/02/08/apple_vulnerability/