Apple recommended that all OS X users install the update. It said that the vulnerabilities could lead to a system crash or allow an intruder to run unauthorized software on the computer. The fixes relate to various components and services in the Mac OS X operating system, including the AirPort driver, the Help view and the Installer application.

About half of the patches relate to security, such as remote code execution that could permit a hacker to obtain control over a Mac, although there have been no such reported attacks.

Kerberos, iChat

Several of the vulnerabilities are within Kerberos, a network authentication protocol developed at M.I.T. "Running the Kerberos administration daemon may lead to an unexpected application termination or arbitrary code execution with system privileges," Apple said in its Update. Apple credited the M.I.T. Kerberos Team with reporting the issue.

The Libinfo component and LoginWindow software were identified as having flaws that could allow a user to bypass authentication. Video chat was also flagged as being vulnerable. The iChat component had a vulnerability that could allow a malicious user to remotely execute code through a malformed chat request.

Apple also identified a vulnerability in Airport that could allow remote execution in a legacy system, and a patch was included. However, the latest Mac Pro, iMac or MacBook systems are not affected.

The patches also deal with eight identified vulnerabilities in the way the operating system handles disk images. Apple said that mounting a malicious disk image could lead to a security breach.

Largest in March

In early March, Apple also released a large set of fixes. In that batch, the largest so far this year, there were 30 patches for 22 applications. In 2007, the Cupertino, California-based company has issued an average of one security update per month. This is a faster pace than in 2006, when Apple released eight sets of patches in the entire year.

This week's update also addresses several zero-day bugs that were revealed as part of the Month of Apple Bugs in January. The Month of Apple Bugs was a project by two researchers, Kevin Finisterre and the pseudonymous LMH, who reported one flaw per day in Mac OS X or in Mac applications. Each of the vulnerabilities was a previously undocumented security issue.

LMH also led the Month of Kernel Bugs last November. Last summer, researcher HD Moore had orchestrated a Month of Browser Bugs, which focused on unpatched security flaws in Firefox, Internet Explorer, Safari, and Opera.