iTWire - Apple blocks four MoAB exploits

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

Apple blocks four MoAB exploits

E-mail

by Stephen Withers
Friday, 16 February 2007
Security Update 2007-002 for Mac OS X addresses four vulnerabilities highlighted during the Month of Apple Bugs, while other updates take care of daylight saving changes and other issues. Featured Whitepaper 5 Best Practices for Smartphone Support Disk image files now undergo additional validation before being mounted, preventing a buffer overflow caused by maliciously-crafted volume name. The UserNotificationCenter process now drops its group privileges immediately after launching, which should prevent it being exploited by unprivileged local users to gain root privileges. Two iChat vulnerabilities are also addressed by the update. Bonjour messages undergo additional validation to prevent crashing, and AIM URLs now get extra validation to avoid crashing or arbitrary code execution. In related news, Apple has also released Daylight Saving Time Update 1.0 (to accommodate changes in Daylight Saving Time in the US and Canada effective next month and to provide the latest time zone information for other countries) and Java for Mac OS X 10.4, Release 5 (which also handles daylight saving issues as well as "improved reliability and compatibility". Each update is available in versions for Mac OS X 10.3 and 10.4.{moscomment} Tags See All Tags Apple Macintosh Malware Security Software Stephen Withers Powered By Joomla Tags Please enable JavaScript in your browser to post your comment!

< Next story in category		Previous story in the category >

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.