Zero Day

Ryan Naraine and Dancho Danchev

Get Zero Day via:: Mobile; RSS; Email Alerts
Bios:: Ryan’s Bio; Dancho’s Bio

November 14th, 2007

Apple monster update fixes 41 Mac OS X, Safari vulnerabilities

Posted by Ryan Naraine @ 2:42 pm

Categories: Apple, Botnets, Browsers, Data theft, Digital rights management, Exploit code, Hackers, Metasploit, Passwords, Patch Watch, Pen testing, Responsible disclosure, Rootkits, Spam and Phishing, Spyware and Adware, Viruses and Worms, Vulnerability research, Windows Vista, Zero-day attacks

Tags: Apple Macintosh, Apple Safari, Vulnerability, Execution, Apple Inc., System Shutdown, Apple Mac OS X, Apple Mac OS, Microsoft Windows, Operating Systems

Apple today released a monster update to provide belated cover for at least 41 security holes in its flagship Mac operating system.

With Security Update 2007-008 and Mac OS X v10.4.11, Apple patches multiple “highly critical” flaws that could cause unexpected system shutdowns, drive-by-malware downloads and remote code execution attacks.

Apple monster update fixes 41 Mac OS X, Safari vulnerabilities

The company also shipped a new version of Safari for Windows (beta) to patch 10 browser vulnerabilities affecting Windows XP and Vista users.

Some of the most serious vulnerabilities include:

CVE-2007-4691: A case-sensitivity issue exists in NSURL when determining if a URL references the local file system. This may cause a caller of the API to make incorrect security decisions, potentially leading to the execution of files on the local system or network volumes without appropriate warnings.

CVE-2007-4689: A double-free issue exists in the handling of certain IPV6 packets, which may lead to an unexpected system shutdown or arbitrary code execution with system privileges.

[ SEE: Safari on Windows could be big target for malware ]

CVE-2007-4690: A double free issue in NFS may be triggered when processing an AUTH_UNIX RPC call. By sending a maliciously crafted AUTH_UNIX RPC call via TCP or UDP, a remote attacker may cause an unexpected system Apple monster update fixes 41 Mac OS X, Safari vulnerabilities shutdown or arbitrary code execution.

CVE-2007-4681: A one byte buffer overflow may occur in CoreFoundation when listing the contents of a directory. By enticing a user to read a maliciously crafted directory hierarchy, an attacker may cause an unexpected application termination or arbitrary code execution.

CVE-2007-4682: An uninitialized object pointer vulnerability exists in the handling of text content. By enticing a user to view maliciously crafted text content, an attacker may cause an unexpected application termination or arbitrary code execution.

[ SEE: DNS-changing Trojan opens Mac OS X floodgates ]

The Mac OS X update also fixes a denial-of-service bug in AppleRAID, a cache-poisoning issue in ISC BIND 9, multiple race conditions in bzip2, an implementation issue in CFFTP, several CFNetwork vulnerabilities, a code execution hole in the Flash Player Plug-in, a pair of Kerberos code execution issues and several kernel vulnerabilities.

The Safari 3 Beta patch is also a high-priority update that fixes code execution holes in the browser. It is available for Windows XP and Vista.

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.

Email Ryan Naraine

For daily updates on Ryan's activities, follow him on Twitter.

Subscribe to Zero Day via Email alerts or RSS.

Talkback
Most Recent of 141 Talkback(s)

Thread View
Flat View

Mac users are not the problem, arrogance is.: I'm not sure about you, but for me, I don't hate Mac users. But I do hate Mactards. Mactards are people who go around saying "I AM BETTER CUZ I HAVE A MAC AND MAC HAS UNIX AND I CAN DO GRAPHICS BETTER... (Read the rest); Posted by: zomgguy Posted on: 08/26/08 You are currently: a Guest | Log in | Terms of Use

But Apple zealots SWORE that drive bys were impossible? NonZealot | 11/14/07

Au contraire ego.sum.stig@... | 11/14/07

Then you haven't read much. ye | 11/14/07

Oh look... ego.sum.stig@... | 11/14/07

What are you saying about Mac users? NonZealot | 11/14/07

Oh yeah, ye is just SO rational Kid Icarus-21097050858087920245213802267493 | 11/14/07

I see you don't know the difference between... ye | 11/14/07

Well... ego.sum.stig@... | 11/14/07

LOL as I type this on my MacBook ye | 11/14/07

A Macbook? ego.sum.stig@... | 11/14/07

You must have me confused for someone else. ye | 11/15/07

cool...MAC on MAC crime Yax_to_the_Max | 11/15/07

Not once xuniL_z | 11/15/07

Blinders are bliss Crestview | 11/15/07

I don't know who's dumber magcomment | 11/14/07

yeah, NonZealot... doh123 | 11/16/07

Outside of your fevered brain frgough | 11/14/07

you left something unsaid Badgered | 11/15/07

RE: you left something unsaid joe6pack_z | 11/15/07

Watch Crestview | 11/15/07

Hey Bozo the Crestview johnpall@... | 11/15/07

O_O zomgguy | 08/25/08

Message has been deleted. paulg57 | 11/15/07

Copmletely Agree BFD | 11/15/07

Oh please! vulpine@... | 11/15/07

Come on now. BFD | 11/15/07

Oh? ego.sum.stig@... | 11/15/07

You truely xuniL_z | 11/15/07

You pervert! 5445mlbvd2gn@... | 11/16/07

Insignificant Barrier?? Mr. Phil | 11/15/07

WHAT!!!??Microsoft is much further along than Apple when it comes to securi johnpall@... | 11/15/07

Seriously dude, grammar check... tikigawd | 11/15/07

You really don't know your stuff, do you? santuccie | 11/20/07

Don't do what others do!! spikedstrider | 11/15/07

No, that's NOT what they said. Resuna | 11/15/07

You seem to have no life other than posting rants here thetwonkey | 11/17/07

Sounds like they didn't fix some of the bugs rpmyers1 | 11/14/07

This doesn't sound like a vulnerability. Resuna | 11/15/07

Sounded like arbitrary data rpmyers1 | 11/15/07

It should be pretty clear at this point Qbt | 11/14/07

Clear as mud magcomment | 11/14/07

Point by point destruction of your post NonZealot | 11/14/07

HAHAHAHA!!! Kid Icarus-21097050858087920245213802267493 | 11/14/07

huh? rtk | 11/15/07

Only 2 people use Vista People | 11/14/07

Uh huh magcomment | 11/15/07

Uh-Huh, Part 2 BFD | 11/15/07

Bad numbers rpmyers1 | 11/15/07

Assumptions Qbt | 11/14/07

I mock both camps magcomment | 11/15/07

I agree coopermi | 11/15/07

Just one clarification mds_z | 11/15/07

becareful with that Windows 2000 LinuxandMacforlife | 11/18/07

So? frgough | 11/14/07

Uhm, no Qbt | 11/14/07

More market share CRAP . Intellihence | 11/14/07

SIGH... BFD | 11/15/07

only have to look at jailbreak... rtk | 11/15/07

Wow so true! zomgguy | 08/25/08

Here's the proof. xuniL_z | 11/15/07

You didn't answer his question... tikigawd | 11/16/07

RE: You didn't answer his question... stonefingers | 11/16/07

That's where you go wrong santuccie | 11/20/07

Secure vs. safe rapson | 11/15/07

I did not know Microsoft made computers ???? mrOSX | 11/15/07

MS doesn't have to make hardware for Apple to be a competitor NonZealot | 11/15/07

Non Zealot... mrOSX | 11/15/07

Let me translate your post for you NonZealot | 11/15/07

Yah huh... zomgguy | 08/26/08

They are competitors... rapson | 11/15/07

Apple considers PCs to alaniane@... | 11/15/07

Here's the deal, PeterWeter. Pay attention. Userama | 11/14/07

Here's the truth Userama. Pay attemtion toadlife | 11/14/07

A little quiz for you. Userama | 11/14/07

Nothing to do with security andrewjg | 11/14/07

Actually most financial institutions do use Windows. ShadeTree | 11/15/07

Lol zomgguy | 08/26/08

let me ask you something: bonchi74@... | 11/15/07

It's the unpatched holes you need to watch for. Resuna | 11/15/07

Somewhat true rtk | 11/15/07

Patches? aussieblnd@... | 11/15/07

Right... zomgguy | 08/26/08

Do you have anything intelligent to offer? RicD_ | 11/14/07

Is that all ? Intellihence | 11/14/07

Wow! itpro_z | 11/14/07

re:WOW !!! Intellihence | 11/14/07

Go back and count rtk | 11/15/07

Belly flop? A Grain of Salt | 11/15/07

Message has been deleted. No_Ax_to_Grind | 11/15/07

Message has been deleted. itanalyst | 11/15/07

channel stuffing and the fanboi set. rtk | 11/15/07

Message has been deleted. No_Ax_to_Grind | 11/15/07

Message has been deleted. itanalyst | 11/15/07

Considering the definition alaniane@... | 11/15/07

This is so much fun... People | 11/14/07

In reality? Sorry, I don't buy that. Grayson Peddie | 11/14/07

Really, you don't - spacecase2 | 11/14/07

The world runs on nix? ShadeTree | 11/15/07

I think he alaniane@... | 11/15/07

You keep acknowledging OS X is not fool proof but... ye | 11/15/07

Because OS X is UNIX!!! NonZealot | 11/15/07

You must be really young. TechinMN | 11/15/07

first worm Clewin | 11/15/07

We keep telling you why Qbt | 11/15/07

Tides are Turning People | 11/15/07

If you look at the percentages alaniane@... | 11/15/07

alaniane People | 11/15/07

He meant "in the reality distortion field" rtk | 11/15/07

This is the thinking Crestview | 11/15/07

I admit it John Musbach | 11/14/07

I admit it paulg57 | 11/15/07

Great to see..... Laff | 11/15/07

Why are the front-page lists of the blogs missing? BitTwiddler | 11/15/07

Impossible. Spiritusindomit@... | 11/15/07

squeeze me plently info@... | 11/15/07

come on bonchi74@... | 11/15/07

come off. rtk | 11/15/07

Actually, I rarely have to alaniane@... | 11/15/07

you can say that again madmax_2069 | 11/28/07

O_O zomgguy | 08/26/08

Graphics? Crestview | 11/15/07

9.5 rtk | 11/15/07

Well done! Crestview | 11/15/07

Welcome to the Intel x86 world. rkostynu@... | 11/15/07

great post bonchi74@... | 11/15/07

Actually the reality alaniane@... | 11/15/07

RE: Apple monster update fixes 41 Mac OS X, Safari vulnerabilities DannyO_0x98 | 11/15/07

any other language than english Bob G Beechey | 11/15/07

my dad can beat up your dad!!! lostarchitect | 11/15/07

Oh yeah? My mom can beat up your mom... No_Ax_to_Grind | 11/15/07

I'd pay a dollar too see that....:P Laff | 11/15/07

Conceeded alaniane@... | 11/15/07

High Level levinson | 11/15/07

RE: Apple monster update fixes 41 Mac OS X madmax_2069 | 11/15/07

Mac users are not the problem, arrogance is. zomgguy | 08/26/08

RE: Apple monster update fixes 41 Mac OS X, Safari vulnerabilities gi15@... | 11/15/07

I have the perfect solution for you NonZealot | 11/15/07

Good job! People | 11/15/07

All I can say is: Crestview | 11/15/07

Why do Mac patches get all of the cool.. xuniL_z | 11/15/07

Flagship product? doh123 | 11/16/07

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Creating a Dynamic Information Infrastructure IBM Corp. IBM Information Infrastructure solutions can help reduce costs & transform ... Download Now
Network Managed Services: A Cost-Effective Approach to Complexity Qwest Communications Learn how outsourcing network management tasks to a third party allows companies to save time and drive substantially lower total cost of ownership. Download Now
Enabling Device-Independent Mobility with Dynamic Virtual Clients Intel Intel IT is investigating a model where users can access their ... Download Now

Blogs From Our Sponsors

Top Rated

And the most popular password is...+34 votes
Microsoft readies emergency IE patch to counter public exploits+33 votes
Report: 48% of 22 million scanned computers infected with malware+32 votes
Microsoft says Google was hacked with IE zero-day+31 votes
Microsoft confirms 17-year-old Windows vulnerability+31 votes
MS Patch Tuesday heads-up: 13 bulletins, 26 vulnerabilities+26 votes
Bogus IQ test with destructive payload in the wild+22 votes
Haiti earthquake themed blackhat SEO campaigns serving scareware+21 votes

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

Qwest Network Services for Healthcare Providers Qwest Communications Demands for improved quality care and increased satisfaction require a ... Download Now
Unrivaled support from Novell, now available for Red Hat Novell If Linux is going to power your mission-critical applications, you'd ... Download Now
Responding to Today's Demands with a Dynamic Infrastructure IBM Corp. Listen to this webcast to hear IBM executives and clients discuss a host ... Download Now

SmartPlanet

Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
More from IBM
How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
Linking Decisions and Information for Organizational Performance Read the Tom Davenport study

Zero Day

Ryan Naraine and Dancho Danchev

November 14th, 2007

Apple monster update fixes 41 Mac OS X, Safari vulnerabilities

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Recent Entries

Blogs From Our Sponsors

Top Rated

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Archives

Favorite Links

41

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads

Zero Day

Ryan Naraine and Dancho Danchev

November 14th, 2007

Apple monster update fixes 41 Mac OS X, Safari vulnerabilities

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Recent Entries

Blogs From Our Sponsors

Top Rated

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Keep up with ZDNet

Archives

Favorite Links

41

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads