Apple Patch Fixes 18 Flaws In Mac OS X

Discussion in 'Computer Support' started by Rotten Apples, Aug 7, 2009.

  1. http://www.crn.com/security/219100321;jsessionid=KJVF154WC5HBZQE
    1GHRSKHWATMY32JVN

    Apple (NSDQ:AAPL) released a security update Wednesday,
    repairing 18 holes in its Mac OS X operating system, including
    several critical imaging errors that enabled hackers to take
    over victims' computers when they view a maliciously crafted
    image file.

    The Apple update, which upgrades the Mac OS X platform to
    10.5.8, repaired an array of imaging flaws, as well as
    vulnerabilities affecting the Safari Web browser. The flaws
    paved the way for hackers to launch malicious code remotely on
    users' computers.

    Altogether, Apple plugged five holes in the way ImageIO
    Framework -- an application designed to help Mac applications
    read and write popular image formats -- handles OpenEXR files,
    EXIF metadata and PNG images. Other image flaws included a patch
    that resolved two heap buffer overflow vulnerabilities: one in
    the way ColorSync, a color management interface, handles an
    embedded profile; and the other in the way that ImageRAW handles
    a Canon (NYSE:CAJ) RAW image file.

    If left unpatched, hackers could launch attacks by enticing a
    user to open a malicious image file -- usually through some
    social engineering scheme -- which would subsequently download
    information-stealing malware onto the user's system.

    The patch also plugged a critical flaw affecting Apple's Safari
    Web browser, occurring in CFNetwork, which allows hackers to
    direct victims to a malicious Web site while the original Web
    site URL remains displayed along with a certificate of warning.

    Apple also repaired two networking vulnerabilities, one of which
    could lead to remote code execution or a system crash if a user
    opened a malicious AppleTalk response packet.

    Included in the patch bundle was a fix for a heap buffer
    overflow vulnerability in the XQuery component, which could lead
    to remote execution by processing maliciously crafted XML
    content.

    Apple also fixed slightly less severe vulnerabilities in its
    launchd services, which could lead to a denial of service attack
    by opening numerous connections in launchd services, as well as
    a logic bug in MobileMe, which could fail to delete all
    credentials once a user logged out.
     
    Rotten Apples, Aug 7, 2009
    #1
    1. Advertisements

  2. Rotten Apples

    tholen Guest

    What does that have to do with OS/2, Rotten Apples?
     
    tholen, Aug 7, 2009
    #2
    1. Advertisements

  3. Rotten Apples

    tholen Guest

    Take it up with Rotten Apples, who chose the
    newsgroup distribution, Rôgêr.
     
    tholen, Aug 7, 2009
    #3
  4. And the fanboys would have you believe that OS X is some sort of fault
    free zone. Just *nix with a pretty GIO, and a nasty GUI too, which
    attempts to keep you locked up nice and tight in the Apple walled
    garden, in a fantasy world of over priced under powered plastic.
     
    Caulfield Man, Aug 8, 2009
    #4
  5. Rotten Apples

    macfan Guest

    That is incorrect, most Macs have Aluminium cases, not plastic. ;)
     
    macfan, Aug 8, 2009
    #5
  6. Good point, they're overpriced under powered plastic and aluminium.

    (but the Macbook I just bought my teenager is still white plastic)
     
    Caulfield Man, Aug 8, 2009
    #6
  7. Rotten Apples

    tholen Guest

    What does that have to do with OS/2, Rôgêr?
     
    tholen, Aug 8, 2009
    #7
  8. Rotten Apples

    ah Guest

    PLONK
     
    ah, Aug 11, 2009
    #8
  9. Rotten Apples

    ah Guest

    DUH NADA
     
    ah, Aug 12, 2009
    #9
  10. Rotten Apples

    tholen Guest

    snuhwolf writes:

    243> Google "Dave Tholen" sometime to see what bot-like Human Stump
    Dave is like,
    243> fyi.

    Classic erroneous presupposition.

    243> <wavies to Davey>

    Who is "Davey" snuhwolf? There is nobody in this newsgroup using
    that alias.

    244> I like your idea lots better.

    Then why not go do it rather than posting on Usenet, snuhwolf?

    245> Defenestration is inscribed in semen, local.

    245> Eat the fackin chowder. Its a good idea to beat a whale before
    245> toasting.

    What does that have to do with OS/2, snuhwolf?

    246> You have to patch it up. Get some add-ons for it..."Leet Key" is
    one
    246> good one.

    246> HTH

    246> NOW LISSENING TUE SKREWDRIEVERS!!!!!!!!!!!!!1111111!!!!!!!!

    What does that have to do with OS/2, snuhwolf?
     
    tholen, Aug 17, 2009
    #10
  11. Rotten Apples

    tholen Guest

    ah writes:

    3494> Defecation is proscribed in demon.local

    3494> Please see the FAQ'n Charter. It's a good idea to read a while
    before posting.

    3495> PLONK

    Famous Last Words.

    3496> DUH NADA

    What does that have to do with OS/2, ah?
     
    tholen, Aug 17, 2009
    #11
  12. Rotten Apples

    ah Guest

    Don't make me come over tjhere.
     
    ah, Aug 19, 2009
    #12
  13. Rotten Apples

    tholen Guest

    ah writes:

    3497> Don't make me come over tjhere.

    What is "tjhere", ah, and what does it have to do with OS/2?
     
    tholen, Aug 19, 2009
    #13
  14. Rotten Apples

    tholen Guest

    honestjohn writes:

    1670> Please, can't you see that "ah" has Alzheimer's Disease?

    What does that have to do with OS/2, honestjohn?
     
    tholen, Aug 19, 2009
    #14
  15. DU YUO HACE ANY SKREWDRIEVERS TO DISCUS, RASE TRADIR?


    --
    Proof of Americas 3rd world status:
    http://www.ramusa.org/
    "I believe there are more instances of the abridgement of freedom of the people
    by gradual and silent encroachments by those in power than by violent and
    sudden usurpations.... The means of defense against foreign danger historically
    have become the instruments of tyranny at home."
    -James Madison
     
    §ñühw¤£f, Aug 19, 2009
    #15
  16. Rotten Apples

    tholen Guest

    snuhwolf writes:

    247> DU YUO HACE ANY SKREWDRIEVERS TO DISCUS, RASE TRADIR?

    What does your question have to do with OS/2, snuhwolf, and why
    are you shouting?
     
    tholen, Aug 20, 2009
    #16
  17. IEM USING MY OWTSIED VOICE!!!!!!!!!11111111!!!!!!!!!
    SKREEMING IZ TEH FUNZORZ!

    ^_^

    --
    Proof of Americas 3rd world status:
    http://www.ramusa.org/
    "I believe there are more instances of the abridgement of freedom of the people
    by gradual and silent encroachments by those in power than by violent and
    sudden usurpations.... The means of defense against foreign danger historically
    have become the instruments of tyranny at home."
    -James Madison
     
    §ñühw¤£f, Aug 20, 2009
    #17
  18. Rotten Apples

    tholen Guest

    snuhwolf writes:

    248> IEM USING MY OWTSIED VOICE!!!!!!!!!11111111!!!!!!!!!
    248> SKREEMING IZ TEH FUNZORZ!

    What does that have to do with OS/2, snuhwolf, and why
    are you shouting?
     
    tholen, Aug 21, 2009
    #18
  19. <> pinched out a steaming pile
    Because I glued my caps-lock key down with a huge volume of cum...


    --

    cageprisoners.com|www.snuhwolf.9f.com|www.eyeonpalin.org
    _____ ____ ____ __ /\_/\ __ _ ______ _____
    / __/ |/ / / / / // // . . \\ \ |\ | / __ \ \ \ __\
    _\ \/ / /_/ / _ / \ / \ \| \| \ \_\ \ \__\ _\
    /___/_/|_/\____/_//_/ \[email protected]_/ \__|\__|\____/\____\_\
     
    §ñühw¤£f, Aug 21, 2009
    #19
  20. Rotten Apples

    tholen Guest

    snuhwolf writes:

    249> Because I glued my caps-lock key down with a huge volume of
    cum...

    What does that have to do with OS/2, snuhwolf? Apparently not a very
    long-lasting glue.
     
    tholen, Aug 21, 2009
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.