Other articles in the series "To the Maynor Born: Cache and Crash":
- Wi-Fi Exploit Precursor Published One Year Later (21 Sep 07)
- MoAB Is My Washpot (19 Feb 07)
- Another Minor AirPort Vulnerability Exposed (06 Nov 06)
- AirPort Updates Stop Wi-Fi Exploit (25 Sep 06)
- Apple Issues Careful Wi-Fi Exploit Denial (28 Aug 06)
- Wireless Driver Hack Could Target Macs and Windows (07 Aug 06)
Published in TidBITS 864.
Security Holes: Two Closed, One Opened
Apple last week released AirPort Extreme Update 2007-001, fixing a problem on Core Duo-based Mac minis, MacBooks, and MacBook Pros that could cause crashes or worse. The fix is related to a number of other repairs to low-level wireless hardware drivers that Apple made last year in response to a proof-of-concept exploit that could - theoretically - have enabled a nearby attacker to hijack a Mac via its wireless connection (see the series "To the Maynor Born: Cache and Crash").
If Software Update offers you the AirPort Extreme Update 2007-001, you should install it for safety's sake, and because it may fix some other bugs, but the likelihood of the security hole being exploited is nil. If you see any new problems after updating (we've heard a few anecdotal reports), check out MacFixIt's wireless troubleshooting tutorial. The update is a 7.4 MB download available via Software Update or as a standalone download.
Apple also released Security Update 2007-001, which resolves a possible exploit related to how QuickTime 7.1.3 handles RTSP URLs. The bug was identified by Kevin Finisterre and the pseudonymous "LMH" of the Month of Apple Bugs project. It's a 5.9 MB download available via Software Update or as separate downloads for Mac OS X 10.4 Tiger and Mac OS X 10.3.9 Panther.
Meanwhile, the Month of Apple Bugs project has found another bug that has captured the interest of people in the security community whose opinions I value. It turns out that Mac OS X's Software Update, when fed a file with a sufficiently malformed name, can be caused to crash or - in theory - to execute that bugaboo of the security crowd, "arbitrary code." (In other words, Software Update could be caused to run code that could replicate itself, delete data, or have other harmful effects. I say "in theory" because there's no known way yet to make that happen, but it's possible.)
Although the demonstration of the bug on the Month of Apple Bugs page doesn't work in my testing, a source showed me a variant that did demonstrate that Software Update improperly handles malformed file names. If a bad guy could figure out how to embed dangerous code in a malformed file name, that file could be fed to Software Update via a link you clicked in a Web browser or through an email attachment you opened. Turning off Software Update won't make any difference, and in fact, there's nothing users can do to eliminate the risk of being exploited. Luckily, that risk is very low.
Apple should fix the bug, as it did with the QuickTime bug, and Mac users should continue to be careful about clicking links on dodgy Web sites, avoid opening email attachments from unknown senders, and install security updates when released by Apple. As is usually the case, the revelation of this bug changes nothing for the Macintosh community; basic safe computing provides all the security necessary to render this potential exploit moot.