May 12, 2006

Is my Mac Secure? Ask Apple - they know.

Apple has published its 3rd security update for 2006. There is no question that there are fewer (any?) viruses on OS X and fewer security breaches on OS X-powered machines. But like any modern OS, OS X still has its share of security vulnerabilities. Apple's main saving grace has been the fact that fewer people are actively trying to exploit these vulnerabilities as a result of Apple's small market share (< 5%).

Check out some of the fixes covered by Apple's latest security update.

AppKit, ImageIO
Impact: Viewing a maliciously-crafted GIF or TIFF image may lead to arbitrary code execution

BOM
Impact: Expanding an archive may lead to arbitrary code execution
Impact: Expanding a malicious archive may cause arbitrary files to be created or overwritten

CFNetwork
Impact: Visiting malicious web sites may lead to arbitrary code execution

CoreFoundation
Impact: Registration of an untrusted bundle may lead to arbitrary code execution
Impact: String conversions to file system representation may lead to arbitrary code execution

CoreGraphics
Impact: Characters entered into a secure text field can be read by other applications in the same window session

Finder
Impact: Launching an Internet Location item may lead to arbitrary code execution

FTPServer
Impact: FTP operations by authenticated FTP users may lead to arbitrary code execution

ImageIO
Impact: Viewing a maliciously-crafted JPEG image may lead to arbitrary code execution

Keychain
Impact: An application may be able to use Keychain items when the Keychain is locked

LaunchServices
Impact: Viewing a malicious web site may lead to arbitrary code execution

libcurl
Impact: URL handling in libcurl may lead to arbitrary code execution

Mail
Impact: Viewing a malicious mail message may lead to arbitrary code execution

Preview
Impact: Navigating a maliciously-crafted directory hierarchy may lead to arbitrary code execution

QuickDraw
Impact: Viewing a maliciously-crafted PICT image may lead to arbitrary code execution

Safari
Impact: Visiting malicious web sites may lead to file manipulation or arbitrary code execution

How many different ways were there to accidentally trigger malicious code when simply viewing a web page or reading an email?

This should not come as a surprise to anyone in the technology industry, but I am sure it is a shocker to most consumers who have been bombarded with the OS X "I am invulnerable" mantra.

Bottom line: always use common sense when browsing the web or reading email messages - even if you are using a Mac.
