Mac OS X dirty dozen: Apple plugs critical security holes
Summary: The update, rated critical, plugs security holes that could lead to code execution vulnerabilities if a Mac user is tricked into opening audio files or surfing to a rigged Web site.
Apple's first Mac OS X security update for 2010 is out, providing cover for at least 12 serious vulnerabilities.
The update, rated critical, plugs security holes that could lead to code execution vulnerabilities if a Mac user is tricked into opening audio files or surfing to a rigged Web site.
With Security Update 2010-001, Apple also fixes flaws in the Adobe Flash Player plug-in that ships with the operating system.
Here's the skinny of the vulnerabilities:
- CoreAudio (CVE-2010-0036) -- A buffer overflow exists in the handling of mp4 audio files. Playing a maliciously crafted mp4 audio file may lead to an unexpected application termination or arbitrary code execution.
- CUPS (CVE-2009-3553) -- A use-after-free issue exists in cupsd. By issuing a maliciously crafted get-printer-jobs request, an attacker may cause a remote denial of service. This is mitigated through the automatic restart of cupsd after its termination.
- Flash Player plug-in (7 vulnerabilities) -- Multiple issues exist in the Adobe Flash Player plug-in, the most serious of which may lead to arbitrary code execution when viewing a maliciously crafted web site. The issues are addressed by updating the Flash Player plug-in to version 10.0.42.
- ImageIO (CVE-2009-2285) -- A buffer underflow exists in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.
- Image RAW (CVE-2010-0037) -- A buffer overflow exists in Image RAW's handling of DNG
- images. Viewing a maliciously crafted DNG image may lead to an unexpected application termination or arbitrary code execution.
- OpenSSL (CVE-2009-3555) -- A man-in-the-middle vulnerability exists in the SSL and TLS protocols. Further information is available here. A change to the renegotiation protocol is underway within the IETF. This update disables renegotiation in OpenSSL as a preventive security measure. The issue does not affect services using Secure Transport as it does not support renegotiation.
The update is being distributed via Apple's Software Update mechanism.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
12 Serious OS X holes, and one IE bug gets top billing?
Could it have something to do...
Prove that none of these gaping holes have been exploited.
Argumentum ad ignorantiam.
Works both ways though.
The fact that there is no exploit code out for them..
If you want [i]100%[/i] proof, you'll have to solve the Munchhausen-Trilemma, because until then you can't even prove you exist.
edit:
Just to clarify, I meant to yourself. Even if you do solve it you still can't prove it to someone else absolutely, short of them being omniscient.
Easy proof!
So ZDNet is aware of all hacks all over the world?
In fact, only the unsuccesful hacks get detected. The rest, don't. :)
So, [b]you[/b] were the only one who made a claim that there weren't any exploits using these gaping vulnerabilities. Please back it up or take it back. Thanks!
On a scale from 1 to 10 ROTFLMAO
You are hilarious. Get over yourself & move on.
That's weird..
xuniL_z referred to was successful.
As much as i usually completely disagree with things NZ posts
But he's the one who made the claim in the first place
So it's up to him to tell us what they are.
[i]- or no claims that they have other than from the testing that revealed these vulnerabilities.[/i]
Well, has there been any proof, otherwise? Has anyone in any of the Mac forums encountered these vulnerabilities in the wild?
Tell us.
[i]So far all he's gotten is insults...[/i]
Well that's par for the course. For someone claiming to be a "NonZealot" he sure doesn't act like one.
[i]I'd like to see some proof either for or against his argument so this can be laid to rest.[/i]
Why don't you ask Apple? Or go to one of their forums and report back to us.
[i]Have these vulnerabilities been exploited yes or no and is there a linkable source to verify either way?[/i]
Well the same claims have been made against Linux too. Only now "bugs" are called "security vulnerabilities" by the M$ rabid fan club. Makes them feel better with their inferiority complex.
You didn't look up "argumentum ad ignorantiam" did you?
(Teenagers obviously have too much time on their hands).
Prove to what level?
wrote that sentence.
If you just mean beyond [i]reasonable[/i] doubt..
they were fixed before any exploit code came out,
unlike the IE vulnerability.
100 undisclosed windows vulnerabilities being exploited
A ridiculous proposition:-)
Just google...
http://packetstormsecurity.org/
http://www.metasploit.com/
http://www.securityfocus.com/
Prove that there isn't a teapot on Pluto
(but requiring you to prove that these holes are 'gaping' is not. )
That or..
Or maybe both.
12 bugs in Flash/Java fixed before they are exploited and a Serious hole in
it is patched gets top billing.. yep.
Are you suggesting that their is bias here?