Apple's week of patching: Camera compatibility flaw patched

Summary:Apple on Friday shipped a security update for Aperture 2, iPhoto 7.1.

Apple on Friday shipped a security update for Aperture 2, iPhoto 7.1.2 with iLife Support 8.2.

Here's what Apple had to say in an advisory about CVE-2008-0987:

Viewing a maliciously crafted image may lead to an unexpected application termination or arbitrary code execution Description: A stack based buffer overflow exists in the handling of Adobe Digital Negative (DNG) image files. By enticing a user to open a maliciously crafted image file, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue through improved validation of DNG image files. Credit to Clint Ruoho of Laconic Security for reporting this issue.

For those keeping score at home that's the fourth security update this week from Apple. To recap:

What's going on here? It's likely Apple is patching its wares ahead of the CanSecWest Pwn2own contest. Can a QuickTime security update be that far behind?

Topics: Security, Apple, Hardware


Larry Dignan is Editor in Chief of ZDNet and SmartPlanet as well as Editorial Director of ZDNet's sister site TechRepublic. He was most recently Executive Editor of News and Blogs at ZDNet. Prior to that he was executive news editor at eWeek and news editor at Baseline. He also served as the East Coast news editor and finance editor at CN... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.