Apple releases another OS X patch

Apple has released the third OS X security patch in a month. The patch is designed to plug vulnerabilities in a wide range of services, including file sharing, printing and QuickTime.

The wave of vulnerabilities relating to image files and libraries on all computing platforms continued as Apple stopped QuickTime`s handling of a hacked BMP file that could allow "attackers to execute arbitrary code", the company said. Similar issues with portable network graphics files were addressed in an August update, Ziff Davis reports.

The patches are offered through Apple`s automatic software update service and its download page.

IBM has added biometric security to its ThinkPad notebook line, claiming it is ready for mainstream use.

According to eWeek, the company has added a fingerprint scanner to its T42 ThinkPad notebook chassis. It will offer the technology as an option on a number of additional models, said IBM security and wireless technology programme director Clain Anderson.

While tests in 2002 showed that fingerprint recognition technology could be bypassed, Anderson said the company was confident in newer versions of the technology. IBM will tie the new fingerprint security sensor to its embedded security chip.

The encrypted fingerprint image is sent directly to and compared with the stored image in the security chip, instead of being transmitted over the general PCI bus, said Anderson.

The banking industry has warned customers with online accounts to guard against a new wave of cyber fraud.

According to industry body Apacs, around 2 000 British online account holders had been victims of scams in the past year, losing lb4.5 million between them. Many were duped into revealing their account passwords by phoney e-mails purporting to come from their bank, while others had their computers infected with some form of spyware, BBC reports.

A recent Apacs survey found that 4% of the UK`s online account holders would automatically respond to e-mails that appeared to come from their bank.

Good filtering is available, but the lack of message authentication means the industry is only halfway to solving spam, Microsoft CEO Bill Gates told delegates at the Computer History Museum.

Gates said that adware and malware have him "ticked off" enough that Microsoft plans to do something about them, adding that hundreds of millions of dollars could be spent to achieve this. Gates pointed to identity theft and phishing as two of the more severe problems, eWeek reports.

One possible solution would be an "info card" users could view to confirm the identity and authenticity of Web sites, making it more difficult for criminals to make their sites appear legitimate, he said.