Apple Patches The Flaw In Mac Wi-Fi
Apple has patched the flaw in its product 'AirPort'. The vulnerability was exposed late in 2006 as part of Apple's "Month of Kernel Bugs" program. A scammer could easily compromise a Mac PC and cause the entire system to go kaput by sending specifically designed data to the PC via a wireless network, an alert from Apple divulged. The Intel Core Duo versions of Mac Mini, NacBook, and MacBook Pro were affected by this flaw in Mac.
Also noted the alert, a miscreant in neighborhood can easily cause a system break down by just sending a malevolently designed frame to the affected system.
The way of handling wireless frames by AirPort Extreme is hugely affected by this bug. The alert has asserted that consequently an off limit memory read is likely to happen and the attack's impact on a wireless system might result in system crashes.
This was the second flaw being patched by Apple as part of the Kernel Bugs project. The first one was disclosed in November last year. It was to patch another wireless vulnerability researchers detailed as HD Moore - the 1st of the Kernel Bugs. As a minimum, there're other Apple specific Kernel bugs that are yet to be patched.
The 6.5MB update was described by the company as "Recommended for Intel-based Mac systems & provides compatibility with base stations & networks of AirPort Extreme."
A Security Bulletin of Apple read, latest models of MacBook Pro and MacBook that are powered by Core 2 Duo CPUs aren't in jeopardy. Patch can be retrieved by Mac owners with the help of the built-in manual or automatic update service of the OS.
The issue was reported by an anonymous researcher identified as L.M.H, acknowledges Apple. The update came after QuickTime update's release, used to patch vulnerability L.M.H. had exposed. However, the contentious researcher wasn't accredited by Apple in that instance.
Now, L.M.H. is said to be engaged in MoAB project. The anonymous researcher, in an interview conducted recently via email, divulged that he was highly motivated to expose vulnerabilities in this way, say Search Security reports.
He continued, "Having someone expose your security vulnerabilities is much better than bad guys knowing them alone. The vendor is thus pushed to modify its policies and procedures for handling flaws and exposure. Thereby, resulting in all the gains for the users."
Related article: Apple Patches QuickTime 13 Month Old Flaw
» SPAMfighter News - 30-01-2007
We are happy to see you are reading our IT Security News.