Apple users have one less reason to feel smug about security in
comparison to their Windows peers today.
Apple releases massive patch addressing more than 40 vulnerabilities in OS X.
Over 40 different vulnerabilities ranging in severity from local
privilege escalation to highly critical system exploit code that could allow
a hacker to arbitrarily execute code and gain full system control were
revealed as part of Apple’s monthly security update.
The cavalcade of flaws involves a who’s who of software applications and
OS X components including AppKit, Safari, MySQL, OpenSSL, zlib, Apache, Mail
and Bluetooth among others.
The flaws detailed in Apple’s security update 2005-007 affect OS X versions 10.3.9 and 10.4.2.
Among the highly critical flaws that could potentially allow a malicious
remote attacker to execute arbitrary code and gain control over the Mac are
vulnerabilities in AppKit.
AppKit is a library that allows users to write
graphical applications for OS X. CAN-2005-2501 is a buffer overflow in
how AppKit handles “maliciously crafted rich text files,” such that opening
one such file could allow for arbitrary code execution.
CAN-2005-2502 is a related flaw in AppKit that could allow a Microsoft Word
.doc file to create an overflow condition and execute arbitrary code.
Apple’s homegrown Web browser Safari is also at risk from
CAN-2005-2516, a flaw in how Safari processes rich text files. It allows a
maliciously crafted file to potentially execute arbitrary code with the
same privileges as the logged-in user.
CAN-2005-2518 deals with a buffer overflow vulnerability in OS X Server’s
modified version of Apache, called servermgrd. According to Apple’s security
update, “A buffer overflow in the handling of authentication can lead to
arbitrary code execution by a remote attacker.”
Apple Directory Services are at risk from a trio of flaws, the most
serious of which is a buffer overflow which could allow for remote code
execution. CAN-2005-2507 describes a flaw in the handling of
authentication that could lead to the buffer overflow.
Kerberos is also at risk. According to the bulletin, a heap buffer overflow in the password history handling code could be exploited to execute arbitrary code on a Key Distribution Center.
The August patch update is the largest block of updates this year from
Apple. The last patch, issued in June, contained patches for at least 15
vulnerabilities. The May update fixed 20 vulnerabilities.
This article was originally published on internetnews.com.