Apple Releases Vulnerability Fixes, iPhone 2.1 Update To Come Friday
According to the U.S. Computer Emergency Readiness Team (CERT), the exploitation of the vulnerabilities can enable attackers to execute arbitrary code, cause a denial-of-service condition, conduct DNS cache poisoning attacks, spoof or hijack TCP sessions, access the system with escalated privileges, or obtain sensitive information.
For example, the iTunes 8 version on Mac OS X v10.4.11, Mac OS X Server v10.4.11, shows a misleading firewall warning dialog, according to Apple's support site. The company said that when the firewall is configured to block iTunes Music Sharing and the user enables iTunes Music Sharing in iTunes, a warning dialog is displayed which incorrectly informs the user that unblocking iTunes Music Sharing doesn't affect the firewall's security. Allowing iTunes Music Sharing or any other service through the firewall inherently affects security by exposing the service to remote entities. An update is now available that refines the text in the warning dialog. Apple said that the issue does not affect systems running Mac OS X v10.5 or later. Apple credited Eric Hall of DarkArt Consulting Services for reporting the issue.
Another fix was issued for QuickTime 7.5.5 on Windows Vista, XP SP2 and SP3. Apple warned that viewing a maliciously crafted movie file can lead to an unexpected application termination or arbitrary code execution. According to the Apple support page, an uninitialized memory access issue exists in the third-party Indeo v5 codec for QuickTime, which does not ship with QuickTime. The fix addresses the issue by not rendering content encoded with any version of the Indeo codec. The problem does not affect systems running Mac OS X. Apple credited Paul Byrne of NGSSoftware for reporting the problem.
Apple has also issued fixes for the iPod touch v2.0 through v2.0.2 to remedy a problem with the application Sandbox. This problem does not affect iPod touch versions prior to v2.0, the company said. The Sandbox app does not properly enforce access restrictions between third-party applications and could enable a third-party application to read files in another third-party application's sandbox leading to the disclosure of sensitive information. Apple said that the update fixes the issue by enforcing the proper access restrictions between application sandboxes. The company gave credit to Nicolas Seriot of Sente and Bryce Cogswell for reporting the problem. Other fixes for various iPod versions include problems with CoreGraphics, mDNSResponder, WebKit and networking.
Fixes were also issued for Bonjour for Windows 1.0.5 for Windows Vista, XP SP2 and SP3, 2003, 2000 regarding mDNSResponder that covers a maliciously crafted ".local" domain name and forged information for unicast DNS queries.
More specific information about product updates can be found on Apple's Software Update application or the Apple Downloads site.
As Steve Jobs was "rocking out" at Apple's show on Tuesday to The Doors, he announced that on Friday the company is releasing iPhone firmware 2.1. "It's a big update, it fixes lots of bugsfewer call drops, significantly improved battery life, not as many crashes and backing up to iTunes is dramatically faster and some new performance enhancements as well, free to all iPhone owners."
As Jim Morrison put it, "Can't you see that I am not afraid? What was that promise that you made?"