MAC.BLORGE
TECH.BLORGE.com
GAMER.BLORGE.com
VISTA.BLORGE.com

May 25, 2007 |

Apple releases security update 2007-005

By Triston McIntyre





Apple releases security update 2007-005Those of you with Macs are probably already aware of this little gem, but if you weren’t, Apple released its 5th security update of 2007 today, and the update addresses a smorgasboard of fixes and problems, so update away!

The key players of the 005 update are iChat and VPN, and also include a few unix utilities and code lines that needed a facelift as well:

Alias Manager. Impact: Users may be misled into opening a substituted file

BIND. Impact: Multiple vulnerabilities in BIND, the most serious of which is remote denial of service

CoreGraphics. Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution

crontabs. Impact: The daily /tmp cleanup script may lead to a denial of service

fetchmail. Impact: fetchmail password disclosure may be possible

file. Impact: Running the file command on a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution

iChat. Impact: An attacker on the local network may be able to cause a denial of service or arbitrary code execution

mDNSResponder. Impact: An attacker on the local network may be able to cause a denial of service or arbitrary code execution

PPP. Impact: A local user may obtain system privileges

ruby. Impact: Denial of service vulnerabilities in the Ruby CGI library

screen. Impact: Multiple denial of service vulnerabilities in GNU Screen

texinfo. Impact: A vulnerability in texinfo may allow arbitrary files to be overwritten

VPN. Impact: A local user may obtain system privileges

That list was provided by the good folks at TUAW, and I thank them for summarizing all the deathly boring information I really have very little interest in.

Lets hope this update isn’t accompanied with network errors like the 004 update. On a sweeter note, very soon the WWDC will begin, and in regard to what Apple has in store…Steve never kisses and tells, but rumors of new Macbooks, iMacs, Mac Minis, Leopard, and the iPhone are flying around like, well…Apple rumors, so keep your browser tuned into Mac.Blorge.com for the breaking news!

Sign up for the BLORGE email newsletter

Related:

  • Apple releases Leopard 10.5.1 with numerous bug fixes
  • Apple releases iTunes 7.5, Quicktime 7.3
  • Apple prepares 10.5.1 Leopard update
  • Apple: Adobe fixes an epidemic of Javascript vulnerabilities; Security patch available for Mac and Windows users
  • Apple unveils QuickTime 7.5; Free download for Mac and Window PC users


    • StumbleUpon Toolbar Stumble It!

    Entry was posted on Friday, May 25th, 2007 at 3:38 pm under Apple, Leopard, MacBook, Security, Steve Jobs, iPhone. Print This Post Print This Post

    Read more entries by Triston McIntyre.




    Leave a Reply:

    Copyright © 2007 Engaging and compelling blogs that entertain and inform