As Erica just noted, Security Update 2007-02 is out, and four of the open security issues raised by the Month of Apple Bugs project are now history. These problems have been addressed by the ongoing patch efforts of Landon Fuller, but his fixes should defer automatically to the new official versions.
- Finder -- Mounting a maliciously-crafted disk image may lead to an application crash or arbitrary code execution
- iChat (2 flaws) -- attackers on the local network may be able to cause iChat to crash, & visiting malicious websites/AIM URLs may lead to an application crash or arbitrary code execution
- UserNotificationCenter -- local users may be able to escalate to system-wide privileges