On TechRepublic: 10 dying IT skills
BNET Business Network:
BNET
TechRepublic
ZDNet

May 28th, 2008

Mac OS X Leopard mega-patch plugs 41 security holes

Posted by Ryan Naraine @ 3:50 pm

Categories: Adobe, Apple, Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Exploit code, Flash, Kernel-level Exploits, Patch Watch, Vulnerability research, Zero-day attacks

Tags: Apple Macintosh, Apple Mac OS X Leopard, Vulnerability, Apple Inc., Apple Mac OS X, Apple Mac OS, Operating Systems, Security, Software, Ryan Naraine

Mac OS X Leopard mega-patch plugs 43 security holesIt’s Patch Day in the land of Mac OS X Leopard.

Apple today shipped Security Update 2008-003 (Mac OS X 10.5.3) with fixes for a wide range of serious vulnerabilities that could put users at risk of information disclosure, denial-of-service and remote code execution attacks.

The update (see Techmeme discussion) includes a fix for the iCal vulnerabilities that were publicly disclosed by Core Security last week.  The iCal bugs could be exploited to crash iCal or execute arbitrary code via malicious calendar updates or by importing a specially crafted calendar file.

[ SEE: iCal vulnerabilities put Mac OS X users at risk ]

Core Security’s warning mentions three separate vulnerabilities but Apple’s update only includes a fix for a single bug:

A use-after-free issue exists in the iCal application’s handling of iCalendar (usually “.ics”) files. Opening a maliciously crafted iCalendar file in iCal may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by improving reference counting in the affected code. This issue does not affect systems prior to Mac OS X v10.5.

In all, Apple documents at least 41 vulnerabilities in this mega update.  They include seven (7) different vulnerabilities in Apple’s implementation of Apache, the most serious of which may lead to cross-site scripting attacks.

[ SEE: Adobe Flash zero-day exploit in the wild ]

The Flash Player Plug-in also gets a makeover to correct seven (7) bugs could could lead to arbitrary code execution via booby-trapped Flash content.  This update includes a fix for the flaw that’s currently being exploited in drive-by malware attacks.

Code execution holes are also fixed in AppKit’s processing of document files; Apple Pixlet Video’s handling of files using the Pixlet codec; Apple Type Services server’s handling of embedded fonts in PDF filesp; CoreFoundation’s handling of CFData objects; and CoreGraphics’ handling of PDF files.

The Mac OS X Leopard patch also fixes flaws in  CoreTypes, CUPS, Help Viewer, International Components for Unicode, Image Capture, ImageIO, Kernel, LoginWindow, Mail, ruby, Single Sign-On and Wiki Server.

Ryan NaraineRyan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.


Email Ryan Naraine

For daily updates on Ryan's activities, follow him on Twitter.

Subscribe to Zero Day via Email alerts or RSS.

  • Talkback
  • Most Recent of 158 Talkback(s)
RE: Mac OS X Leopard mega-patch plugs 41 security holes
What APPLE HAS SECURITY FLAWS? AMAZING , NOW THAT YOU THE BIG TIME, YOU START GETTING FLAWS , SO IT JUST WASNT MICROSOFT ,HUH? GLAD TO SEE IT HAPPENING TO THE RIDERS OF THE LITTLE BUS!... (Read the rest)
Posted by: usmc1@... Posted on: 06/16/08 You are currently: a Guest | | Terms of Use
Apple programmers work in an odd fashion  NonZealot | 05/28/08
Hi NZ  Tim99 | 05/28/08
What, specifically, about backwards compatibility...  ye | 05/29/08
Other important questions  NonZealot | 05/29/08
The most important question.  frgough | 05/29/08
90%+ believe the Windows experience is more pleasant  NonZealot | 05/29/08
Wrong.  frgough | 05/29/08
Uh huh. And what of all the Macs being sold?  ye | 05/29/08
Follow up  frgough | 05/29/08
RE:Ye  frgough | 05/29/08
@frgough: $1k and retail  ye | 05/29/08
Re: Ye  frgough | 05/29/08
@frgough: Then why the restriction?  ye | 05/29/08
re: Ye  frgough | 05/29/08
@frgough: Again why restrict?  ye | 05/29/08
one flaw  Badgered | 05/29/08
RE: Badgered  frgough | 05/29/08
Re: Ye  frgough | 05/29/08
@frgough: We all know why the restriction were put in place.  ye | 05/29/08
No, the real problem with that 66% ....  ShadeTree | 05/29/08
@Ye: You're psychotic.  /A\V/ | 05/29/08
@Deviros: Yes, it is obvious what's being done.  ye | 05/29/08
holy sh*t, the truth from someone  dave@... | 05/29/08
What are you trying to say, Dave?  vulpine@... | 05/29/08
90%+ believe the Windows experience is more pleasant  vulpine@... | 05/29/08
As pointed out to you elsewhere.  rtk | 05/29/08
RTK, your data is not valid  vulpine@... | 05/29/08
Vulpine  rtk | 05/29/08
Very well, RTK  vulpine@... | 05/29/08
hold on a tick...  rtk | 05/29/08
Nor, RTK,...  vulpine@... | 05/30/08
What "domestic event"?  rtk | 05/30/08
Another statistice pulled from the depths...  jasonp@... | 05/29/08
If you look up "hypocrisy," you'll find NonZealot. [nt]  olePigeon | 05/29/08
re: The most Important question  Badgered | 05/29/08
Security  frgough | 05/29/08
re: Security  Badgered | 05/29/08
You don't have to constantly run A/V software  ye | 05/29/08
re:Badger  frgough | 05/29/08
Ye is unrealistic at best...  vulpine@... | 05/29/08
@vulpine: The statement is true without an external FW.  ye | 05/29/08
PWN2OWN  frgough | 05/29/08
Supporting references please.  ye | 05/29/08
Supporting reference  frgough | 05/29/08
Thanks. So much for Apple fixing bugs. Gotta love this quote:  ye | 05/29/08
RE: Ye  frgough | 05/29/08
@frgough: I don't care if he cheated or not.  ye | 05/29/08
Where in that article...  RocketEater | 05/29/08
Excuse me but....  bentedgz | 05/29/08
Huge, huge, gaping difference  NonZealot | 05/29/08
HAHAHAHAHAHAHA!!!!!!!!!  NonZealot | 05/29/08
No, you ass  frgough | 05/29/08
Which changes nothing.  ye | 05/29/08
Re: Ye  frgough | 05/29/08
@frgough: LOL. Yeah, the $10K had nothing to do with it.  ye | 05/29/08
If only they'd used their heads.  rtk | 05/29/08
Other important questions - Answered  vulpine@... | 05/29/08
Poor Memory NZ  mrlinux | 05/29/08
close  rtk | 05/29/08
I stand corrected.  mrlinux | 05/29/08
Somebody finally gets it right  Crestview | 05/29/08
I am soo tired of this.  BroGnorik | 05/29/08
No Worries about Windows  Cayble | 05/29/08
Mac OS X 10.5.3 is like windows xp sp3 but ,  None_Zealot | 05/29/08
Of course it did. Mac users seem to encounter every...  ye | 05/29/08
You are so right mister ye .  None_Zealot | 05/29/08
Of course they don't. I find it curious you...  ye | 05/29/08
That's your opinion son not mine .  None_Zealot | 05/29/08
Please follow the advice in this post:  ye | 05/29/08
re: That's you opinion  Badgered | 05/29/08
Badgered , I use it because I can , it's a tool  None_Zealot | 05/29/08
re: None  Badgered | 05/29/08
Can you say carp computer to begin with  ted185@... | 05/29/08
this is the evidence that virus's maker uses linux  qmlscycrajg | 05/29/08
Back your claims up with facts .  None_Zealot | 05/29/08
RE: Mac OS X Leopard mega-patch plugs 41 security holes  Sir_bobbyuk | 05/29/08
Ding Ding Ding!  Khyron | 05/29/08
Who ways their popular yet  ted185@... | 05/29/08
Ummm... huh?  vulpine@... | 05/29/08
The update is for Tiger (OS X 10.4) too (nt)  Fred Fredrickson | 05/29/08
Security Update 2008-003 (PowerPC) v. 1.0  None_Zealot | 05/29/08
Please follow the advice in this post:  ye | 05/29/08
Message has been deleted.  None_Zealot | 05/29/08
Message has been deleted.  None_Zealot | 05/29/08
Welcome back Beyond the vista a Leopard is stalking.  ye | 05/29/08
Message has been deleted.  None_Zealot | 05/29/08
The Mac community must be proud to have you as their...  ye | 05/29/08
All communities are glad to have me , I don't go around sugar coating  None_Zealot | 05/29/08
@None_Zealot: Apparently not this one as two of your...  ye | 05/29/08
I have a better idea, YE...  vulpine@... | 05/29/08
Brother? Hardly. As for the comments well, no surprise...  ye | 05/29/08
Not lost at all...  vulpine@... | 05/29/08
That's two in a row that were lost on you. Care to try...  ye | 05/29/08
Why?  vulpine@... | 05/29/08
RE: Mac OS X Leopard mega-patch plugs 41 security holes  MyBlueRex | 05/29/08
For a sidenote , I'm glad to see Ryan Naraine back  None_Zealot | 05/29/08
RE: Mac OS X Leopard mega-patch plugs 41 security holes  MyBlueRex | 05/29/08
According to the Mac zealots Apple does release...  ye | 05/29/08
Well according to the Windows Zealots Microsoft releases  None_Zealot | 05/29/08
Sounds Like You Need To Do Some Studying...  Kromaethius | 05/29/08
Your right , it's my fault for blindly putting my faith into microsoft  None_Zealot | 05/29/08
"but Microsoft refuses to reactivate it for me" Why????  Michael L Hereid Sr | 05/29/08
Again with the "My Windows system".  ye | 05/29/08
I can't use my windows machine because it's bricked you dolt  None_Zealot | 05/29/08
The question is: Why do you have a Windows system?  ye | 05/29/08
I use a windows machine because I can , it's a tool  None_Zealot | 05/29/08
No, clearly none_zealot ....  ShadeTree | 05/29/08
funny  Khyron | 05/29/08
Well the update was available for my AMD processor  None_Zealot | 05/29/08
yes.  rtk | 05/29/08
Yawn.  frgough | 05/29/08
And what is that time table?  ye | 05/29/08
Time table  frgough | 05/29/08
What you've responded with is not a time table.  ye | 05/29/08
Too bad the facts don't support you  NonZealot | 05/29/08
It's funny  frgough | 05/29/08
Funny that .ani vulnerabilty was out for a year .  None_Zealot | 05/29/08
Even longer than that  Kid Icarus-21097050858087920245213802267493 | 05/29/08
source?  rtk | 05/29/08
You just can't think originally, can you?  vulpine@... | 05/29/08
Yes, Indeed...  Kromaethius | 05/29/08
Go to the Apple website and find out .  None_Zealot | 05/29/08
Legit questions  Ryan NaraineZDNet Moderator | 05/29/08
Actually, I'm amazed....  vulpine@... | 05/29/08
I'll answer those questions, MBR.  vulpine@... | 05/29/08
RE: Mac OS X Leopard mega-patch plugs 41 security holes  frgough | 05/29/08
What's your point?  James T. Kirk | 05/29/08
I hit the wrong button  frgough | 05/29/08
Its good and bad.  magallanes | 05/29/08
RE: Mac OS X Leopard mega-patch plugs 41 security holes  dave@... | 05/29/08
Are you making a point, Dave?  vulpine@... | 05/29/08
First thing  rtk | 05/29/08
Windows 7...  vulpine@... | 05/29/08
three years from code going gold.  rtk | 05/29/08
How about we just roll it all up into a nice big ball for ya?  Kid Icarus-21097050858087920245213802267493 | 05/29/08
Come on now children...  IT_Guy_z | 05/29/08
Spy vs Spy?  Dr. K | 05/29/08
RE: Mac OS X Leopard mega-patch plugs 41 security holes  exxtraz | 05/29/08
Mac's only make up a tiny part of computer sales  ted185@... | 05/29/08
Not as many as they used to.  vulpine@... | 05/29/08
RE: Mac OS X Leopard mega-patch plugs 41 security holes  kevin.meza@... | 05/29/08
NonZealot: Lying about a lie  3dtodd | 05/29/08
Wow and I mean WOW!  James Quinn | 05/29/08
RE: Mac OS X Leopard mega-patch plugs 41 security holes  amorr | 05/29/08
87.32%  rtk | 05/29/08
RE: Mac OS X Leopard mega-patch plugs 41 security holes  aka_tripleB@... | 05/29/08
RE: Mac OS X Leopard mega-patch plugs 41 security holes  nimrod666 | 05/29/08
This is business for..  msalzberg | 05/29/08
Don't confuse people's ignorance as money in my...  ye | 05/29/08
RE: Mac OS X Leopard mega-patch plugs 41 security holes  phatkat | 05/29/08
A couple conclusions that ....  ShadeTree | 05/29/08
RE: Mac OS X Leopard mega-patch plugs 41 security holes  fox.kenji | 05/29/08
both of your claims are unsupported.  rtk | 05/29/08
RE: Mac OS X Leopard mega-patch plugs 41 security holes  richdave | 05/29/08
RE: Mac OS X Leopard mega-patch plugs 41 security holes  fox.kenji | 05/31/08
what would my usage of OS X  rtk | 06/01/08
Problems w/MacBooks and the update  8string | 06/02/08
RE: Mac OS X Leopard mega-patch plugs 41 security holes  usmc1@... | 06/16/08

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement

Recent Entries

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

Meet Doc