[ news_security_news ]
Apple Fixes Five Issue With 10.4.7
David Utter
Staff Writer
2006-06-28
 Insider Reports RSS Feed
The incremental update to Mac OS X released yesterday includes patches for five security issues, two of which posed arbitrary code execution threats.
Apple's latest update to its signature Mac OS X platform included a quintet of security fixes for the operating system.
Issues impacting the ClamAV program and TIFF-image viewing posed the highest risk for Mac OS X users. Desktop Pipeline reported that security vendor Symantec had assigned its highest severity rating to the vulnerabilities Apple addressed.
If exploited, those vulnerabilities could open a machine to a malicious attack. The ClamAV issue would require the virus scanner to be turned on, as it is off by default, and to access a fake ClamAV database mirror that would cause a stack-based buffer overflow in the software.
That condition, like the one caused by the viewing of maliciously crafted TIFF images, could cause arbitrary code to be executed on the victim's machine. None of the five security updates impact versions of OS X before 10.4.
Apple's fix also close issues in OpenLDAP, the setuid program launchd, and Apple File Protocol (AFP server). Automatic Software Update should grab the update for Apple users, or it can be obtained from Apple Downloads.
---
Tag: Apple
Add to  Del.icio.us |  Digg |  Yahoo! My Web |  Furl
Bookmark WebProNews: 
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
