Penetration testing specialist Core Security has publicly released information on a serious security vulnerability in Apple's Mac OS X and criticized the computer maker for delaying the release of a patch.
The vulnerability, which only affects Apple Mac OS X v10.5, could allow hackers to take complete control of a vulnerable machine via malicious PDF files.
In an advisory, Core Security said Apple claims it already has a patch prepared for this issue but failed to release the fix despite several promises.
Apple did not give any reasons for skipping the patch release.
Here's the skinny on the problem:
The Apple Type Services is prone to memory corruption due to a sign mismatch vulnerability when handling the last offset value of the CharStrings INDEX structure.
This vulnerability could be used by a remote attacker to execute arbitrary code, by enticing the user of Mac OS X v10.5.x to view or download a PDF document containing an embedded malicious CFF font (Compact Font Format).
This vulnerability is a variation of the vulnerability labeled as CVE-2010-1797 (FreeType JailbreakMe iPhone exploit variation).
Core encourages Apple users to upgrade to Apple Mac OSX 10.6, which is not affected by this vulnerability.
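To make the "sign mismatch" on the last INDEX offset concrete, here is an added example (not code from Core's advisory or from Apple) of a CFF INDEX validator that reads every offset as unsigned, beside a bounds check that goes wrong when the same value is treated as signed. The INDEX layout (2-byte count, 1-byte offSize, count+1 offsets starting at 1, then data) follows Adobe's CFF specification; the function names and sample bytes are constructed for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed samples: a well-formed INDEX (2 objects, 5 data bytes) and
 * one whose last 4-byte offset is 0xFFFFFFFF. */
static const uint8_t good_index[] = {0,2, 1, 1,3,6, 'a','b','c','d','e'};
static const uint8_t bad_index[]  = {0,1, 4, 0,0,0,1, 0xFF,0xFF,0xFF,0xFF, 'x'};

/* Read an off_size-byte big-endian offset as an unsigned value. */
static uint32_t read_offset(const uint8_t *p, unsigned off_size) {
    uint32_t v = 0;
    for (unsigned i = 0; i < off_size; i++) v = (v << 8) | p[i];
    return v;
}

/* Returns the total size of the INDEX at buf[0..len), or 0 if malformed. */
size_t cff_index_validate(const uint8_t *buf, size_t len) {
    if (len < 2) return 0;
    uint32_t count = ((uint32_t)buf[0] << 8) | buf[1];
    if (count == 0) return 2;                 /* empty INDEX: count only */
    if (len < 3) return 0;
    unsigned off_size = buf[2];
    if (off_size < 1 || off_size > 4) return 0;
    size_t table_len = ((size_t)count + 1) * off_size;
    if (len - 3 < table_len) return 0;        /* offset array must fit */
    size_t data_len = len - 3 - table_len;    /* bytes left for object data */
    uint32_t prev = read_offset(buf + 3, off_size);
    if (prev != 1) return 0;                  /* first offset is always 1 */
    for (uint32_t i = 1; i <= count; i++) {
        uint32_t cur = read_offset(buf + 3 + (size_t)i * off_size, off_size);
        if (cur < prev) return 0;             /* offsets never decrease */
        prev = cur;
    }
    if ((size_t)(prev - 1) > data_len) return 0;  /* last offset bounds data */
    return 3 + table_len + (size_t)(prev - 1);
}

/* The bug class, for contrast: the same bound checked on a signed value.
 * 0xFFFFFFFF becomes -1 and slips under any non-negative length. */
int signed_check_accepts(uint32_t last_offset, int32_t data_len) {
    return (int64_t)(int32_t)last_offset - 1 <= data_len;
}

int main(void) {
    printf("good: %zu\n", cff_index_validate(good_index, sizeof good_index));
    printf("bad:  %zu\n", cff_index_validate(bad_index, sizeof bad_index));
    printf("signed check accepts 0xFFFFFFFF: %d\n", signed_check_accepts(0xFFFFFFFFu, 1));
    return 0;
}
```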
Apple has a history of being tardy with security patches. According to this list maintained by TippingPoint ZDI, there are several outstanding high-risk vulnerabilities in Apple's software.