The security update rolls together lots of software fixes

The 33MB package tackles security problems in the AirPort wi-fi software and many holes in programs that ship with the OS X operating system.

But the package of fixes does not close a serious vulnerability discovered in late November.

Attackers exploiting that flaw could, in some circumstances, take control of a vulnerable Apple machine.

Long list

The problem with the AirPort wi-fi software would allow attackers using specially crafted packets of data to hijack a vulnerable machine.

The other flaws the update tackles are exploitable via web pages or downloadable files booby-trapped with malicious code.

Apple recommended that users of Mac OS X versions 10.3.9 and 10.4.8 should download and apply the patch.

Not mentioned in the security update was the serious DMG vulnerability that was the subject of a warning earlier this week by the US Computer Emergency Readiness Team. The US Cert watchdog advises on the most pressing computer security problems.

This revolves around the way that Apple computers handle disk image files which usually bear the .dmg suffix.

It came to light as part of a month-long project by security experts at Info-Pull who are trying to find and publicise a "kernel" bug on every day in November. The kernel is the core of an operating system.

The AirPort bug was also publicised during the "Month of Kernel Bugs" project.

The DMG loophole has currently only been seen to work in the laboratory. No users have been caught out by it.