Apple unleashed a major patch load Tuesday, repairing a total of 34 security vulnerabilities, at least nine of which could lead to remote code execution attacks, for versions of its Mac OS X platform.
Altogether, Apple issued 18 security updates affecting both the Tiger and Leopard operating systems, versions 10.4 and 10.5 respectively, which fixed holes in ATS, BIND, ClamAV, Directory Services, Finder, ImageIO, Kernel, libresolv, Login Window, mDNSResponder, OpenSSH, QuickDraw Manager, Ruby, SearchKit, System Configuration, System Preferences, Time Machine, Video Conference and Wiki Server.
Among the most significant updates were fixes for mDNSResponder and libresolv, repairing several high-profile errors that enable a remote hacker to execute a DNS cache poisoning attack on a computer when a user is surfing the Web.
The error stems from a fundamental multi-platform flaw in the DNS protocol that opens the door for a remote attacker to send phony or forged information to applications that rely on mDNSResponder, a function that essentially "translates" between host names and IP addresses when a user makes an online request to visit a Website.
Two separate updates address the DNS flaws in both libresolv and mDNSResponder by randomizing the source port and transaction ID in order to improve resiliency and reduce the chances of a cache poisoning attack.
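A defender can confirm that a patched resolver really varies both fields by inspecting its outbound queries. The Python sketch below is an added example, not Apple's code or anything from the advisory; the sample queries are constructed, and the reuse threshold and the span-based bit estimate are assumptions chosen for illustration.

```python
import math

FIELD_SPACE = 65536  # the UDP source port and the DNS transaction ID are both 16-bit fields

def classify(values):
    """Label how one 16-bit field varies across successive outbound queries."""
    if len(set(values)) == 1:
        return "fixed"
    steps = {(b - a) % FIELD_SPACE for a, b in zip(values, values[1:])}
    if len(steps) == 1:
        return "sequential"      # constant step, so the next value is predictable
    if len(set(values)) <= len(values) // 2:
        return "low-variety"     # assumed threshold: heavy reuse of a small pool
    return "varied"

def observed_bits(values):
    """Rough estimate of unpredictability: log2 of the observed value span."""
    if classify(values) != "varied":
        return 0.0
    return math.log2(max(values) - min(values) + 1)

def assess(queries):
    """queries: list of (source_port, transaction_id) pairs seen from one resolver."""
    ports = [p for p, _ in queries]
    txids = [t for _, t in queries]
    report = {
        "port": classify(ports),
        "txid": classify(txids),
        "bits": round(observed_bits(ports) + observed_bits(txids), 1),
    }
    # Only a resolver that varies both fields gets the full benefit of the fix.
    report["ok"] = report["port"] == "varied" and report["txid"] == "varied"
    return report

# Constructed samples, not real captures.
FIXED_PORT = [(32768, 4211), (32768, 60017), (32768, 1893),
              (32768, 45502), (32768, 27640), (32768, 9954)]
RANDOMIZED = [(51234, 4211), (1890, 60017), (40011, 1893),
              (62777, 45502), (17650, 27640), (33402, 9954)]

if __name__ == "__main__":
    for name, sample in (("fixed port", FIXED_PORT), ("randomized", RANDOMIZED)):
        print(name, assess(sample))
```

With the port fixed, a forged reply only has to match the transaction ID; varying both fields roughly doubles the number of bits that must match.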
While cache poisoning errors have existed for years, researcher Dan Kaminsky of IOActive initially detected this particular variation of the error, releasing details during the Black Hat USA conference in August.
Also included in the patch bundle were fixes for ClamAV, Apple's open-source antivirus software embedded under the hood in its OS X server.
Apple additionally released numerous fixes for critical memory corruption errors in the handling of TIFF images. If left unpatched, an attacker could execute arbitrary code or unleash a denial of service attack on a vulnerable system after enticing a user to view maliciously crafted TIFF or JPEG images.
Another imaging error found in the QuickDraw Manager resulted from an integer overflow flaw that could potentially allow a remote attacker to execute a denial of service attack or completely take control of an affected system if a user opened a specially crafted PICT image containing malicious code.
Not all of the errors fixed by the update allowed remote code exploitation, an impact that other IT companies often deem critical. Update 10.5.5 also addressed several flaws in Finder that enabled an attacker with access to the local network to cause the Finder to exit immediately after it starts, ultimately rendering the system unusable.
A Finder patch repaired a glitch in the Get Info window which prevented users from viewing changes to the filesystem Sharing & Permissions function after clicking the lock button.
The patches are available through the Software Update or Apple Download sections on the Apple Website. The site advises Mac users to patch their systems as soon as possible.
