Four MOAB bugs swatted by Security Update 2007-002
As Erica just noted, Security Update 2007-02 is out, and four of the open security issues raised by the Month of Apple Bugs project are now history. These problems have been addressed by the ongoing patch efforts of Landon Fuller, but his fixes should defer automatically to the new official versions.- Finder -- Mounting a maliciously-crafted disk image may lead to an application crash or arbitrary code execution
- iChat (2 flaws) -- attackers on the local network may be able to cause iChat to crash, & visiting malicious websites/AIM URLs may lead to an application crash or arbitrary code execution
- UserNotificationCenter -- local users may be able to escalate to system-wide privileges
Share
Categories
As Erica just noted, Security Update 2007-02 is out, and four of the open security issues raised by the Month of Apple Bugs project are now...
Add a Comment
I wonder if the iChat update fixes rdar:///4833010, which I reported back in November; it's essentially the same as the URL handler vulnerability, although it applies to a different part of iChat's code. Apple haven't marked the bug as anything other than ‘Open’, so I'm guessing not…
davids...
yeah, funny, I never noticed any of those 'bugs'...
*shrugs
The update seems to work fine for me.
February 15 2007 at 7:14 PM Report abuse Permalink rate up rate down ReplyThere's also a daylight savings time update and a java updated.
February 15 2007 at 7:05 PM Report abuse Permalink rate up rate down ReplyI'm going to try this update out. If it doesn't work I can just reboot from my Sandbox to my main system partition.
February 15 2007 at 7:02 PM Report abuse Permalink rate up rate down ReplyI'm glad to see that months are now only 5-6 days long.
February 15 2007 at 6:58 PM Report abuse Permalink rate up rate down ReplyHot Apps on TUAW
Deals of the Day
more deals- Altec Lansing Octiv Duo iDock for $48 + free shipping
- Used Apple iMac 17" Core 2 Duo 1.83GHz for $430 + $28 s&h
- Lounge Deluxe Stand for iPhone / iPod touch for $28 + $8 s&h
- Brookstone Surround-Sound Earbuds for $14 + $7 s&h
- Refurbished Skullcandy Tokidoki Smokin' Buds Mic'd Headset for $5 + $2 s&h
- Stitchway Backup Battery for iPod / iPhone for $5 + free shipping
Software Updates
more updates- EFI Firmware Update brings Lion Internet Recovery to 2010-model Macs
- OS X Lion 10.7.3 released with Safari 5.1.3, Wi-Fi bug fix
- Aperture updated to 3.2.2, addresses Photo Stream issue
- Apple updates Keynote to address Lion issues
- Google Search app gets new look on iPad
- Apple releases Apple TV Software Update 4.4.3
Featured Stories
more stories
Popular Stories
TUAW (or The Unofficial Apple Weblog) is a website devoted to tips, reviews, news, analysis and opinion on everything Apple.
6 Comments