Apple today released its fifth major security update for Mac
OS X. This new update patches 17 vulnerabilities. Still, fewer than one third of
them are rated critical on Apple’s rating scale.
In eight of the 17, for example, an exploit could do no
more damage than cause a denial of service in, or a crash of, the affected
component. Microsoft typically pegs such vulnerabilities as
"important" rather than "critical." Only five of the
patched vulnerabilities could result in an attacker executing his own code.
Among the serious bugs is one in how Mac OS X 10.4 handles
PDF files. "By enticing a user to open a maliciously crafted PDF file, an
attacker could trigger the overflow, which may lead to an unexpected
application termination or arbitrary code execution," Apple's advisory
said.
Another fixed bug is in iChat, the messaging service. “A
buffer overflow vulnerability exists in the UPnP IGD (Internet Gateway Device
Standardized Device Control Protocol) code used to create Port Mappings on home
NAT gateways in iChat. By sending a maliciously crafted packet, a remote
attacker can trigger the overflow which may lead to an unexpected application
termination or arbitrary code execution. This update addresses the issue by
performing additional validation when processing UPnP protocol packets in
iChat,” Apple said on its website.
Later this year, Apple will release Mac OS X 10.5 Leopard,
its first OS produced since the migration to Intel processors. Some time ago,
Apple announced it will delay the release of Leopard until October because of
the iPhone, the Cupertino company's latest venture in the mobile market.
© 2007 - 2009 - eFluxMedia