Apple on Tuesday released Security Update 2010-001, a collection of fixes for users of Mac OS X Leopard (10.5) and Snow Leopard (10.6).

As with most security releases, the latest Mac OS X update fixes issues within the core system and does not add new features to built-in applications or fix application bugs.

Security Update 2010-001 fixes an issue in Mac OS X's CoreAudio where a maliciously crafted MP4 audio file could be used as a way to execute code or terminate an application on the user's computer. Image RAW's handling of DNG files has also been updated to avoid what Apple calls "arbitrary code execution."

The Flash Player plug-in has been updated to version 10.0.42 fixing multiple vulnerabilities, including code execution on the user's computer. Adobe issued an update for this in early December, but Apple has included it with this release.

Additional changes in other system level components like ImageIO, CUPS and OpenSSL provide further security for Mac OS X users.

Security Update 2010-001 is available through the software update mechanism in Mac OS X.

In addition to updating Mac OS X, Apple also released an update for users of its Boot Camp software. According to notes provided with the update, Boot Camp 3.1 "adds support for Microsoft Windows 7 (Home Premium, Professional, and Ultimate)."

Full story: c|net