Apple has shipped another Mac OS X monster update to fix a total of 25 documented vulnerabilities that could lead to arbitrary code execution attacks. With Security Update 2008-004, Apple fixes code execution flaws in Launch Services, SMB File Server, System Configuration, VPN and WebKit. It also incorporates fixes for six highly critical -- and previously disclosed -- vulnerabilities in Ruby, the popular open-source scripting language.  The update also sees a major Tomcat patch that addresses nine  vulnerabilities, the most serious of which may lead to a cross-site scripting attack. Here's the skinny from Apple's security bulletin: Alias Manager (CVE-2008-2308):  A memory corruption issue exists in the handling of AFP volume mount information in an alias data structure. Resolving an...