Apple Inc. released a massive security update Wednesday, fixing flaws attackers could exploit in Mac OS X and Safari to infect machines with malware and cause system crashes.
- An input validation issue in Adobe Flash Player attackers could exploit to launch malicious
code by tricking the user into opening maliciously crafted Flash content. Apple has updated Adobe
Flash Player to version 18.104.22.168 to fix the problem.
More Apple security news
Why hacking contests, 'month-of' projects don't help
Ivan Arce, chief technology officer of Core Security Technologies, explains why he thinks "month of" projects are all about marketing hype.
Security Squad podcast: Mac hacks (.mp3)
In this podcast, editors debate the growing concern about Apple security and whether Apple really cares about keeping its products secure.
Mac hack puts Apple faithful on the defense
A much-hyped QuickTime exploit threatens Mac OS X and Windows browsers, but the Apple faithful feel the greatest sting.
- A null pointer dereference issue in AppleRAID that may be triggered when mounting a striped
disk image. Attackers could exploit this to cause an unexpected system shutdown. Apple noted that
Safari will automatically mount disk images when "Open `safe' files after downloading" is enabled.
This update addresses the issue by performing additional validation of disk images.
- ISC BIND 9 through 9.5.0a5 uses a weak random number generator during the creation of DNS query
IDs when answering resolver questions or sending NOTIFY messages to slave name servers. This makes
it easier for remote attackers to guess the next query ID and perform DNS cache poisoning. This
update addresses the issue by improving the random number generator.
- An implementation issue exists in the File Transfer Protocol (FTP) portion of CFNetwork. By
sending maliciously crafted replies to FTP PASV (passive) commands, FTP servers are able to cause
clients to connect to other hosts. This update addresses the issue by performing additional
validation of IP addresses.
- An issue exists in the validation of certificates. A man-in-the-middle attacker may be able to
direct the user to a legitimate site with a valid SSL certificate, then redirect the user to a
spoofed Web site rigged with malware. Attackers could exploit this to collect user credentials and
other information. This update addresses the issue through improved validation of certificates.
- A null pointer dereference issue exists in the CFNetwork framework. By tricking a user into
using a vulnerable application to connect to a malicious server, an attacker could crash the
application. This update addresses the issue by performing additional validation of HTTP replies.
- A one-byte buffer overflow may occur in CoreFoundation when listing the contents of a
directory. By enticing a user to read a maliciously crafted directory hierarchy, an attacker could
crash an application or launch malicious code. This update addresses the issue by ensuring that the
destination buffer is sized to contain the data.
- An uninitialized object pointer vulnerability exists in the handling of text content. By
tricking a user into viewing maliciously crafted text content, an attacker could crash an
application or launch malicious code. This update addresses the issue by performing additional
validation of object pointers.
- Attackers could exploit format string and tabbed browsing implementation errors in Safari by tricking a user into opening a download file with a maliciously crafted name. By doing this, the attacker could crash the application or launch malicious code. This update addresses the issue through improved handling of format strings and improved handling of authentication sheets.