Text Size

Apple fixes more bugs with Security Update 2007-009

updated 06:40 pm EST, Mon December 17, 2007

Security Update 2007-009

Apple has released Security Update 2007-009 for both Mac OS X Leopard and Tiger (Intel, PowerPC). The company recommends the update for all users. Among the included security enhancements are the closures of several bugs where visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. For instance, a Tiger-specific format string vulnerability exists in Address Book's URL handler. By enticing a user to visit a maliciously crafted website, a remote attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue through improved handling of format strings. Another Tiger-specific issue, the potential for memory corruption in the handling of images with an embedded ColorSync profile is exploited by enticing a user to open a maliciously crafted image. This update addresses the issue by performing additional validation of images.

For Leopard, this update addresses an issue where, if SNMP is enabled, a remote attacker may cause an unexpected application termination or arbitrary code execution because of a stack buffer overflow. This update addresses the issue by performing additional validation of SNMP responses. The issue does not affect systems prior to Mac OS X 10.5.

Adobe Flash Player is updated to version 9.0.115.0 with this update to address a number of vulnerabilities, and an issue where an attacker on the local network may initiate an iChat video conference with a user without the user's approval has been resolved by requiring user interaction to initiate a video conference.

Also, prior to this update, Launch Services did not handle HTML files as potentially unsafe content. By enticing a user to open a maliciously crafted HTML file, an attacker may cause the disclosure of sensitive information or cross-site scripting. This update addresses the issue by handling HTML files as potentially unsafe content. An implementation issue in Launch Services, which may allow executable mail attachments to be run without warning when a user opens a mail attachment (Leopard-specific) is also addressed.

Another security issue addressed in this update affects QuickLook: When previewing an HTML file, plug-ins are not restricted from making network requests. This may lead to the disclosure of sensitive information. This update addresses the issue by disabling plug-ins. In addition, creating an icon for a movie file, or previewing that file using QuickLook may access URLs contained in the movie. This update addresses the issue by disabling HREFTrack while browsing movie files.

Finally, prior to this update, when Software Update checks for new updates, it processes a distribution definition file which was sent by the update server. Apple says: "By intercepting requests to the update server, an attacker can provide a maliciously crafted distribution definition file with the 'allow-external-scripts' option, which may cause arbitrary command execution when a system checks for new updates. This update addresses the issue by disallowing the "allow-external-scripts" option in Software Update."

 
Previous Comments

airport runs better

12/17, 10:47pm reply

seems like the flakiness of airport has been solved (especially when waking up from sleep).

JohnnyFive

Fresh-Faced Recruit

Joined: Feb 2003

0

only for 10.4.11

12/18, 08:15am reply

This only works, however, if you've upgraded to 10.4.11. Some people have yet to do so, for various reasons (the main one being issues with Safari 3.0).

Does this mean 10.4.10 isn't affected?

testudo

Fresh-Faced Recruit

Joined: Aug 2001

0

What problems?

12/18, 09:26am reply

What are these issues with Safari 3? I have been using it since its Beta and it is more compatible with websites than ever before. The beta crashed a lot but not so on the final. Apple finally caught up web kit to mozilla.

bhuot

Fresh-Faced Recruit

Joined: Nov 2003

0

useless

12/18, 09:57am reply

There's no security issues with OS X, no compromised systems. Apple releasing this, and sites like MacNN reporting it, only go to give the impression of an insecure platform. Probably Apple-haters trying to get as much bad press as possible for the mac platform

LouZer

Fresh-Faced Recruit

Joined: Nov 2000

0

Dude...

12/18, 02:08pm reply

Are you for real louzer? Seriously?! You don't understand what the phrase "arbitrary code execution" means? It means if the malicious code succeeds in running it can do anything it wants, yes, it could just cause a program termination, but it can also get in and do Bad Things™ Security Updates are serious things. I don't think you're serious are you louzer?

jbruner

Fresh-Faced Recruit

Joined: Jun 2003

0

Popular News