Apple releases Security Update 2005-001 for Mac OS X

Fire up your Software Update fingers, folks. Apple has just released their first security update of the year, is it just me or is this just a tad magical? Can you feel the excitement in the air?

What does this Security Update address? Here are the highlights:

• Updates the "at" commands to address a local privilege escalation vulnerability
• Malformed ICC color profiles could overwrite the program heap, resulting in arbitrary code execution.
• The libxml2 library contains unsafe code that may be exploited in applications linked against it.
• Email messages sent from a single machine can be identified
• Multiple vulnerabilities in PHP, including remote denial of service and execution of arbitrary code
• When Safari's "Block Pop-Up Windows" feature is not enabled, a malicious pop-up window could appear as being from
  a trusted site
• SquirrelMail is updated to address a cross-site scripting vulnerability

The full report is available via Apple's knowledge base.

You can get this update using Software Update or via Apple's Download Site.