Apple Macbook pro and other wireless fixes



Do you remember the big bruhaha a month or so back about the “apple wireless vulnerability” that everybody picked apart because in the video taped demonstration they used a third party card…. EVEN though the demonstrators stated that the same vulnerability existed in Apple’s own driver some on the internet tore one reporter up over stating that because Apple denied being shown exploit code (slight semantic issue there…) Well… those driver vulnerabilities that must have not existed, were fixed today by Apple. Brian Krebs has the story, as well as incidents.org


What’s really interesting is that several remote code execution vulnerabilites are fixed in this update, but no credit is given to the company that presented the vulnerability, so it’s either “bad blood” over the issue or a matter of pride for Apple since they’ve not admitted the demonstrated vulnerability was actually in their driver. In fact…. according to the Security Fix post they (Apple) say…

“Basically, what happened is SecureWorks approached Apple with a potential flaw that they felt would affect the wireless drivers on Macs, but they didn’t supply us with any information to allow us to identify a specific problem. So we initiated our own internal product audit, and in the course of doing so found these flaws.”

–Update 10/1/06–

This is still an ongoing controversy. There definitely appears to be bad blood, it’ll continue to be interesting to follow this one.

Related Posts

Blog Traffic Exchange Related Posts
  • Firefox zero-day vulnerability (or is it?) I saw a comment somewhere else that zero-day was overused and in essense ANY previously unknown vulnerability in open source software is technically zero day... the intent here though is to use the word in this context.... "vulnerability has been released without giving the vendor an opportunity to patch..." Yes,......
  • Intel Proset Wireless update A couple weeks back, there was a pretty important security update for the Intel Proset Wireless driver. The big problem is that the update was a memory hog and caused porblems. Sans has info on the update to the update, also George Ou is encouraging everyone to make sure they've......
  • Infocon Green and apple updates The Sans institute (incidents.org) has returned to infocon green. Explaining that there are no fundamentally new variations on the exploits that were circulating and the situation is fairly static. (No big moves in infected machines/port scanning activity.) Also, they note that Apple has released several updates. They effect 10.3.9 and......
Blog Traffic Exchange Related Websites
  • Ten Problems that Home Inspectors Find When you get your home inspected, any problems that are found mean that you have to fix them and get another inspection, at a greater cost to you. You can prepare to avoid that second inspection by learning what home inspectors consider to be the ten problems they most frequently......
  • Review of Drywall Pro Tips For Hanging and Finishing John Wagner's book on Drywall tips is incredibly useful and is well suited for beginners or those with a modicum of do it yourself experience. Experts probably won't get much out of it, but for its intended audience, it definitely hits all the right notes. Even if you're not planning......
  • Revir Malware for OS X Undergoes Revision Topher Kesslerof CNET wrote an interesting article about the PDF-based malware threat for the Mac OS X.  Apple had released a new security update, updating its malware definition, aimed at protecting Mac users from this threat, but according to Kessler's article, it seems to have been revised. Read more: http://www.itproportal.com/2011/09/27/apple-counters-pdf-trojan-threat-malware-definition-update/#ixzz1ZvQRk8xN......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site