apple
Report a problem

Apple Mega-patch Fixes 22 Flaws

Daniel Fleshbourne   on 29 November 2006 - 17:02 · 26 comments & 9675 views

Advertisement (Why?)
Apple Computer has shipped a monster security update to correct a total of 22 vulnerabilities in its Mac OS X operating system. The Cupertino, Calif, company's patch batch includes a fix for a critical Wi-Fi flaw affecting eMac, iBook, iMac, PowerBook G3, PowerBook G4 and Power Mac G4 systems.

The Wi-Fi flaw, first exposed at the beginning of the Month of Kernel Bugs project, was discovered and reported by Metasploit's HD Moore. Apple confirmed that the issue is a heap buffer overflow that exists in the AirPort wireless driver's handling of probe response frames.

"An attacker in local proximity may be able to trigger the overflow by sending maliciously crafted information elements in probe responses," the company said in its advisory. The flaw does not affect systems with the AirPort Extreme card.

View: The full story
News source: eWeek

Share this Article

  • Technorati
  • Magnolia
  • Stumble upon it
  • Reddit
  • Blink List
  • Delicious
  • Slashdot
  • Furl
  • Facebook
  • Windows Live
  • Google
  • Newsvine
  • Yahoo
  • RawSugar
  • Netvouz

About the Author

Full name: Daniel Fleshbourne
User name: Daniel
Contact: via forum PM
Submissions: View All
More: View Bio   New!

Related news

 

Post a comment · Send to friend Comments · There are 26 additional comments
#1 Express on 29 Nov 2006 - 17:08
So called 'Researchers' like Mr. Moore make money by selling their services to companies by saying "hey I found this issue in product xyz; I can help protect your systems from this issue".
Its bad that they release the details of the issues before companies get to fix it.

Hacking is big money money this days so sad.
#2 Syphonic on 29 Nov 2006 - 17:11
I wouldn't call this a 'mega-patch' Im sure previous security updates have included more fixes?
(8 replies) #3 treemonster on 29 Nov 2006 - 17:32
how can apple release a patch for vulnerabilities in it's system, when mac os has never EVER had vulnerabilities?

it is a perfect system, with absolutely no flaws, unlike that other OS...
#3.1 ecotrojan on 29 Nov 2006 - 19:03
Quote - treemonster said @ #3
how can apple release a patch for vulnerabilities in it's system, when mac os has never EVER had vulnerabilities?

it is a perfect system, with absolutely no flaws, unlike that other OS...



I didn't realise Linux had flaws ? =-P
#3.2 Kushan on 29 Nov 2006 - 19:15
I hope to god the original post was intended to be Sarcastic. It's hard to tell with mac fanboys.
#3.3 virtorio on 29 Nov 2006 - 20:12
Quote -
it is a perfect system, with absolutely no flaws, unlike that other OS...

I do hope you're joking.
#3.4 Lilrichie on 29 Nov 2006 - 20:52
Quote - treemonster said @ #3
how can apple release a patch for vulnerabilities in it's system, when mac os has never EVER had vulnerabilities?

it is a perfect system, with absolutely no flaws, unlike that other OS...


Apple has identified potential risks in it's code and proceeded to patch these holes so that hackers, coders, or any other busy body cannot create a programme or script to take advantage of it! I think you should try OSX for a while and you will soon see it does have it's issues.
#3.5 bush on 30 Nov 2006 - 00:05
of course he's joking. and he made a good one
#3.6 brianshapiro on 30 Nov 2006 - 03:58
OSX doesn't have flaws, everything people see as flaws, are only perceptions of flaws, which are flawed perceptions. Once you believe in Mac you will understand this.
#3.7 Neomac v6 on 30 Nov 2006 - 12:24
OS X has flaws, it just doesn't have viruses. It's still exceedingly difficult to exploit the flaws.
#3.8 RealFduch on 01 Dec 2006 - 10:44
No it doesn't! Because it's much more secure than Windows and has very superior UI.
#4 ir0nw0lf on 29 Nov 2006 - 17:50
"Mega-patch" certainly is a relative term based on which fankid camp you are in: Apple fankids would consider this "mega" but Windows fankids would consider this about a medium sized patch hehe.
(2 replies) #5 RAID 0 on 29 Nov 2006 - 20:11
Every OS will have patches and updates and holes and.........No matter WHO it's made by.
#5.1 Mr_Mo on 29 Nov 2006 - 22:57
What if the guy who made it passes away, and only he has the source code? Who will make the patches?
#5.2 RAID 0 on 30 Nov 2006 - 05:28
Quote - Mr_Mo said @ #5.1
What if the guy who made it passes away, and only he has the source code? Who will make the patches?


HAHA. Maybe Mr. Nibbles? I don't know. Let's just pray that does not happen. :-P
#6 EduardValencia on 29 Nov 2006 - 21:01
whoa i thought mac fanboys sworn that their OS is perfect,give me a break
#7 osirisX on 29 Nov 2006 - 21:11
I wonder if the patch included a fix for the adware exploit.
#8 trip21 on 29 Nov 2006 - 21:26
Apple users won't be downloading the new patch, refusing to believe that OSX.4.325.418.725 has 22 flaws!
#9 hapbt on 29 Nov 2006 - 22:41
I wonder if they fixed the stupid commercials that deny their OS has any security flaws?
(1 reply) #10 nwBen on 30 Nov 2006 - 01:00
Ah well. All this means is that OS X has 978 less flaws that Windows
#10.1 RealFduch on 01 Dec 2006 - 10:43
Time paradoX!
(1 reply) #11 Co_Co on 30 Nov 2006 - 01:17
I wonder if there were 22 known flaws before this patch was released?
#11.1 RealFduch on 01 Dec 2006 - 10:39
there were 63 known flaws. this patch fixed 4 of them.
(1 reply) #12 david13lt on 30 Nov 2006 - 04:58
Nope, maybe only 2-4 flaws were... I don't know where has Apple found so many flaws in their product. This still means that their are making a great job.

It will be safer than Windows OS always. This is just true and you can't change that.
#12.1 Divide Overflow on 30 Nov 2006 - 14:13
"Nope, maybe only 2-4 flaws were... I don't know where has Microsoft found so many flaws in their product. This still means that their are making a great job.

It will be safer than Mac OS always. This is just true and you can't change that. "


I can recall many a Mac fanboy pointing out the sheer number of patches to Windows as an obvious sign that Windows is full of bugs, and as such cannot possibly hold a candle to the Holy Glory that is Apple and their MacOS. Now that Apple is actually being more proactive with patching their OS, the tables are turned. Whereas Windows users say that the number of patches prooves MacOS is flawed, Mac users state that the number of patches prooves that Apple is ensuring the security of their product. How ironic!

Also, try not to confuse beliefs with truths. You can't state that MacOS is more secure than Windows unless you either swap MacOS and Windows marketshares at this moment and watch what happens over the next few years, or somehow run a complete code review on both operating systems. And then, assuming the review is perfect (it can't possibly be) you can make a valid comparison. Until then, these arguments will be nothing more than meaningless debate between religious fanbois on either side.

Last edited by Divide Overflow on 30 Nov 2006 - 14:20
#13 jesseinsf on 02 Dec 2006 - 18:43
Come on guys, Apple doesn't want to let the public know about their flaws. What’s wrong with you blind fools. Apple will not release a patch until there are too much vulnerabilities to bare (hence 22). No they don't want the public to know that they are just as BAD! On the other hand, Hackers don't find interest when it doesn't have the better share of the market. Imagine that Apple had the better share of the market over MS. Hackers would have a field day....lol

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Advertisement (Why?)
News powered by Neowin Management System (Build - 5.0.1390) © 2000 - 2008 Neowin.net