Apple on Thursday released fixes for 25 security vulnerabilities in Mac OS X and Mac OS X Server versions 10.3.9 and 10.4.9.
In an advisory, Apple noted that three of the fixes addressed vulnerabilities reported during the Month Of Apple Bugs, including format string vulnerabilities in the Installer and Help Viewer applications and a system configuration flaw in the writeconfig utility that could open the door to malicious code execution.
Apple also fixed a buffer overflow vulnerability in the AirPortDriver module, which handles control commands for the Cupertino, Calif.-based vendor's AirPort wireless LAN product.
The flaw, which affects eMac, iBook, iMac, PowerBook G3, PowerBook G4 and Power Mac G4 systems equipped with an original AirPort card, could also enable an attacker to execute malicious code on an affected system, Apple said in the advisory.
Another fix addressed a buffer overflow in the VideoConference framework in OS X Server, which could be triggered by an attacker by sending a rigged SIP packet during the initialization phases of an audio/video conference. Apple said it has implemented additional validation for SIP packets to address the issue.
Apple also addressed several security issues stemming from vulnerabilities in the MIT Kerberos administration daemon (kadmind), the most severe of which could lead to application crashes or malicious code execution.
|
Symantec's Code Red: The Law Enforcement/Anonymous E-Mail Exchange Law enforcement officials negotiated via e-mail for more than two weeks with an Anonymous group member trying to extort $50,000 from Symantec to keep stolen product code off the Internet. |
|
How To Sell IT Security Services To Your Customers Cyberattacks can cost a business thousands, even millions, of dollars, and can deal a death blow to some. Here's how IT solution providers can help guard against malicious attacks. |
|
Cybersecurity Experts: What They Know Could Scare You A recent report based on interviews with security experts in government, business and academia finds more than half in agreement that a worldwide arms race is taking place in cyberspace. |
 More
Slide Shows |
- Month Of Apple Bugs Starts With QuickTime Exploit
- Researchers Plan Campaign To Flag Apple Security Flaws
- Apple Fixes Wi-Fi Flaw From 2006
- Microsoft Shows Its Love In Valentine's Day Patch Release
- Worker Abuse Protest Targets Apple, Supplier Foxconn
- Report Says iPad 3 In March; What Do Apple VARs See Ahead?
- Seven Hot Business Apps For Mac OS X
- Insider Threats: The Next Frontier for Security Resellers and SMBs
- Complete Security and Your Bottom Line: Sophos, Value and the Channel
- Tough Threats, Tougher Security: How You Can Leverage New Solutions To Combat A “Targeted Attack” Landscape
- Dark Clouds Ahead: Why the Mid-Market Needs To Ramp Up Cloud Security and How You Can Help Them Get There
