Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Apple Creates Patches For Mac OS X

Apple Computer issued software updates on November 28, 2006 to plug a minimum of 31 different security loopholes in computers loaded with various versions of its Mac OS X operating systems. The free updates are available for download via OS X's 'software update' feature, or directly from 'Apple Downloads'. 'Security Update 2006-07' is empowered to update components from 'AirPort' to 'PHP' of the operating system.

Some notes given with the update say that a vulnerability of the 'AirPort Wireless Driver' was fixed so that attackers on a 'wireless network' could no longer execute arbitrary code. The vulnerability affects 'eMac', 'iBook', 'iMac', 'PowerBook G3', 'PowerBook G4' and 'Power Mac G4' systems loaded with a unique 'AirPort card'. The flaw has no impact on systems with the 'AirPort Extreme card'.

Security researcher HD Moore, on November 1, 2006 disclosed the 'AirPort' flaw. It modifies 'Proxim Wireless Orinoco wireless cards' that 'PowerBook' and 'iMac' computers use.

While Apple warned that an attacker could exploit this flaw to execute unauthorized software on a victim's machine, Moore's 'exploit code' could only result in a computer crash.

Since August 2006, security researchers have been concentrating on 'wireless device drivers'. Accordingly, researchers David Maynor and John Ellch reported about their discovery of a batch of significantly exploitable flaws in 'wireless driver', including the one that has affected Apple's PCs.
Criticisms pointing Maynor and Ellch emerged saying the two presented these flaws using an external 'wireless card' instead of the one that comes with Apple's 'MacBook'. Also, the two of them, supposedly hackers, have not published the code they used in their attack.

Despite all that, Apple provided patches for several vulnerabilities in its 'wireless drivers' in September last. Apple claims to have found these vulnerabilities in the company's 'internal audit' of software.

Apple has released other fixes too to patch easy exploits. Some are bugs that could install malware just by tricking the user to go to a specially crafted site or font files. The bundle of updates also include patches for 'ClamAV' for Mac OS X server and some for problems with the OS X utility required to unzip files.

Related article: Apple Patches QuickTime 13 Month Old Flaw

ยป SPAMfighter News - 12/2/2006

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page