MoAB Fixes for Mac OS X updated

Stephen Withers
Tuesday, 03 April 2007 11:19

Business IT - Technology

The MoAB Fixes team has updated its run-time patching software to take account of Apple's latest updates addressing some of the remaining flaws identified by the Month of Apple Bugs project.

Following the release of Security Update 2007-003 and Mac OS X 10.4.9, the MoAB plug-in no longer compensates for vulnerabilities in iPhoto (malformed photocast XML files), Preview (malformed catalogues in PDF files), iChat (malformed aim:// URLs) or in the mounting of disk image files (malformed filesystems).

The patches still remaining in MoAB Fixes protect against the exploitation of QuickTime HREFTrack cross-zone scripting, the format string vulnerability in Apple's Installer and the memory corruption vulnerability in Flip4Mac (Telestream's software allowing QuickTime to handle WMV files).

It also continues to protect against the Software Update vulnerability that was mitigated but not fixed by Security Update 2007-003.
 
MoAB Fixes can be downloaded via project founder Landon Fuller's web site. It requires Unsanity's Application Enhancer.