Apple Mega-patch Fixes 22 Flaws

Apple Computer has shipped a monster security update to correct a total of 22 vulnerabilities in its Mac OS X operating system. The Cupertino, Calif, company"s patch batch includes a fix for a critical Wi-Fi flaw affecting eMac, iBook, iMac, PowerBook G3, PowerBook G4 and Power Mac G4 systems.

The Wi-Fi flaw, first exposed at the beginning of the Month of Kernel Bugs project, was discovered and reported by Metasploit"s HD Moore. Apple confirmed that the issue is a heap buffer overflow that exists in the AirPort wireless driver"s handling of probe response frames.

"An attacker in local proximity may be able to trigger the overflow by sending maliciously crafted information elements in probe responses," the company said in its advisory. The flaw does not affect systems with the AirPort Extreme card.

View: The full story
News source: eWeek

Report a problem with article
Next Article

No more replies from Google Answers

Previous Article

CPU wars to enter new level with 45nm Penryn in 2007