Apple is fixing 15 security flaws with the 10.4.8 version upgrade of Mac OS X. (There is a second update as well…. Security Update 2006-006). In typical fashion there are a bundle of issues in these updates. Several address remotely exploitable vulnerabilities.
According to Incidents.org 10.4.8 addresses the following….
- connecting to wireless networks using the EAP-FAST protocol
- Apple USB modem reliability
- using OpenType fonts in Microsoft Word
- compatibility with 3rd party USB hubs
- scanner performance
- RAW camera support
- printing documents with Asian language names
- performance of the Translation widget
- broadband network performance
That didn’t sound too bad, but some of the bad issues are lumped in to the 2006-006 security update.
Some of the remotely exploitable vulnerabilities COULD be exploited merely by a user visiting a malicious website that was specially crafted to take advantage of the flaw. Patch away.
Related PostsRelated Posts
- Two critical fixes from Microsoft on December patch Tuesday December's rendition of Microsoft's monthly Patch Tuesday will feature two critical security fixes. The malicious software removal tool will also be updated... Additionally, Microsoft will issue two non-security high-priority updates through Windows Update and Software Update Services, and three non-security high-priority updates through Microsoft Update and Windows Server Update Services.......
- Microsoft advisory on Sober "Awakening" Microsoft has posted a security advisory (912920) on the previously reported "awakening" of the Sober worm, expected January 6th. Systems that are infected with Win32/Sober.Z@mm may download and run malicious files from certain Web domains beginning on January 6, 2006 Further they give the following note.... Microsoft will release an......
- Mac Wireless driver Security vulnerability revisited A couple weeks ago the hot story was about the demonstration of a vulnerability in a 3rd party wireless card driver on a Mac. The individuals that demonstrated the vulnerability (in a video taped presentation) also claimed that many wireless drivers were vulnerable to this same flaw and it included......
- Home Security - Don't Make Yourself a Target In 2004, the Justice Bureau released the statistics that nearly one in six homes were burgled, that 75% of all crime was related to property and that in 90% of the burglaries the burglar gained access into the home. Every 3 seconds a property crime occurs, and every 15 seconds......
- P2P Investors Beware: Further Proof Government Jobs Not Ironclad Two weeks ago, I made the negative observation that lending money to government employees (via peer to peer lending) is not as safe as previously thought now that state & local governments are laying off workers due to the recession. It's not frequent enough to be called a trend, but......
- iPhone, Firefox, Safari, IE8 Pwned! The three day Pwn2Own contest at the CanSecWest security show is on. And at the end of the day, 3 major browsers, Firefox, Safari and IE8 were successfully exploited. Also a non-jailbroken iPhone was also hacked and its SMS database was stolen. Vincenzo Iozzo and Ralf Philipp Weinmann redirected an......
- Possible network printing problems with the unofficial WMF patch
- SONY DRM rootkit – the gift that keeps on giving
- Apple iTunes vulnerability on Windows
- Apple Quicktime and OS X updates to patch multiple security vulnerabilities
- Fasten your seatbelts – Browser vulnerability a day to be announced in July