Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Issues Patches For 25 Security Holes

Posted by CmdrTaco on from the it's-much-better-now-trust-me dept.

TheCybernator writes "Apple today released software updates to plug more than two dozen security holes in its Mac OS X operating system and other software. The free patches are available via the Mac's built-in Software Update feature or directly from Apple's Web site. All told, today's batch fixes some 25 distinct security vulnerabilities, including a dangerous flaw present in the AirPort wireless devices built into a number of Apple computers, including the eMac, the iBook, iMac, Powerbook G3 and G4, and the Power Mac G4. Apple said computers with its AirPort Extreme wireless cards are not affected. Earlier this month, Apple released a software update to fix a vulnerability in its wireless router, the AirPort Extreme Base Station. That update and instructions on how to apply it are available at the link."

12 of 241 comments (clear)

  1. Quick summary to avoid reading TFA by 140Mandak262Jamuna · · Score: 5, Informative
    10 of the 25 are local privilege escalations. A few more require physical access to the machine like loading a malformed disk. Some require authenticated access to the machine. (disk access, clear text password exchange, ftp user privilege escalation, untaring a malformed tar file, opening a malformed help file, etc).

    The remote attacks seem to be coming out of the Kerebros admin daemon distributed by MIT 3 holes. One hole each in libinfo, portmap, ichat.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
    1. Re:Quick summary to avoid reading TFA by Fulkkari · · Score: 2, Informative

      Washingtonpost:

      including a dangerous flaw present in the AirPort wireless devices built into a number of Apple computers, including the eMac, the iBook, iMac, Powerbook G3 and G4, and the Power Mac G4. Apple said computers with its AirPort Extreme wireless cards are not affected.

      Apple:

      A buffer overflow vulnerability exists in the AirPortDriver module which processes control commands for AirPort. By sending malformed control commands, a local user could trigger the overflow which may lead to arbitrary code execution with elevated privileges. This issue affects eMac, iBook, iMac, PowerBook G3, PowerBook G4, and Power Mac G4 systems equipped with an original AirPort card. This issue does not affect systems with the AirPort Extreme card. This update addresses the issue by performing proper bounds checking.

      Forgot to mention its local an exploit? Sounds like FUD spreading to me.

      --
      I demand the Cone of Silence!
  2. Why is this news? by reality-bytes · · Score: 5, Informative

    As an Apple 'outsider' I'm not certain why this is news.

    Is it because these issues/vulnerabilities have been outstanding for a long time? Or perhaps Apple does not patch things often?

    It's an honest question, my Ubuntu systems at home have frequent patches rolled out and the staff at work are always talking about another update on their Windows desktops.

    Isn't Apple the same?

    --
    Ripping an new rectum in the fabric of spacetime.
    1. Re:Why is this news? by 644bd346996 · · Score: 4, Informative

      Did you really mean to say that Apple releases patches more often than Microsoft? Because that is just plain wrong. I get pestered by Windows update at least twice as often as by OS X Software Update, and I use both operating systems regularly.

    2. Re:Why is this news? by clintre · · Score: 2, Informative

      Actually that is far from the truth.

      I am no M$ fanboy, but they used to push out patches constantly, but most IT shops do not want that. Generally IT shops like to validate the patches before applying them to their machines to make sure poorly written software does not have issues with a patch.

      No on in their right mind would push patches out directly to the corporate computers without testing them. By having the patches come out on the same day every month you allow preparation and planning.

      Really Apple is no more secure than Windows, Linux yes Apple no. It all comes down to how you configure it after you get it in any case. I have done plenty of penetration tests on Apple, M$, and several Linux distros. M$ is no where near as bad as it once was.

    3. Re:Why is this news? by notthepainter · · Score: 3, Informative

      It's worth noting that Mac OS 9, which had no security whatsoever, had almost no (or none? The point is I've never come across one) viruses or worms.

      I can only think of one in recent memory. The Hong Kong worm http://www.makingpages.org/pagemaker/virus.html, aka Autostart 9805, was pretty devasting to the pre-press industry which passed around zip cartridges like they were free. This would have been back in 1998.

      Paul

  3. 10.3.9 also patched by kybred · · Score: 5, Informative

    Apple is providing some patches for 10.3.9 as well. Good to see that they are still providing security related updates for the previous system.

  4. Re:I'd like to propose a tag by Aladrin · · Score: 3, Informative

    I think you have totally misunderstood what that tag means. It means that the designer specifically designed the device to not do something that is normally expected or wanted, or has been designed in such a way as to annoy the user constantly. In other words, they had to work harder to make sure the device did not work. Typical MS things that are defective by design are DRM, Clippy, and that new security thing in Vista that is so annoying.

    These were bugs, not by design. Apple didn't not specifically intend for them to exist, and has now fixed them.

    --
    "If you make people think they're thinking, they'll love you; But if you really make them think, they'll hate you." - DM
  5. Re:Just the facts by larkost · · Score: 4, Informative

    One thing to note: the one bug that Secunia is rating as "moderately critical" is on FTP, and it is not enabled by default.

  6. Re:Cue Apologists by nevali · · Score: 2, Informative

    And yet none of those remotely-vulnerable services are enabled by default. Indeed, of the three, two of them wouldn't get switched on by the vast majority of Mac users.

    Which is somewhat different to, say, the .ANI vulnerability.

  7. PWN to OWN by slyborg · · Score: 2, Informative

    http://blogs.zdnet.com/security/?p=173
    So I wonder if this invalidates the contest. This just revealed vulns that aren't patched on the contest machines.

  8. Windows before 1997 had relatively few viruses too by argent · · Score: 3, Informative

    It's worth noting that Mac OS 9, which had no security whatsoever, had almost no (or none? The point is I've never come across one) viruses or worms.

    Back in the '80s and early '90s the Mac was a fertile breeding ground for viruses, because of the design of the system. Just putting a floppy in the drive was enough to run code. Apple's response to this was to get rid of automatic execution of code fragments on floppies and in resource forks of documents. This was a normal and sane response to a bad design.

    If you want to know why it hasn't been the target of a concerted hacker attack, you have to look elsewhere than the "Windows is insecure by design, OS X and Unix isn't" stuff that's become the prevailing consensus.

    While the fact that there are more Windows boxes out there, there are several features of Windows that are insecure-by-design that have had a huge impact on Windows security. In particular, the design of Internet Explorer and the integration of the HTML control into the desktop and email programs had an enormous and direct effect on the spread of viruses and worms on Windows machines all out of proportion to their popularity.

    Before the release of "Open Desktop", the virus problem on Windows really was managable without antivirus software. Just following good software hygiene was enough to make viruses a rare problem. Afterwards, I found that simply not allowing the use of IE and Outlook and other components that used the HTML control to display untrusted documents was more effective than antivirus software, because it removed the mosty common point of entry of new viruses.

    The sane response to this would have been to back out the desktop-browser integration and redesign the system so that the right to run unsandboxed code was SOLELY mediated by the application displaying the document. Microsoft, instead, attempted to come up with tighter and tighter heuristics as to when to allow documents out of the sandbox, which boggled my mind then and still boggles my mind now.

    There are other problems in the design of Windows that I've discussed before, but this one should be more than enough to make my point, especially after you handed me such a great counterexample.