
WatchGuard Live Security Service: OS X SECURITY UPDATE FIXES 40 FLAWS

Apple’s October Update Plugs Holes in XML, PHP, PDF

OS X Security Update Fixes 40 Flaws

Severity: High

9 October, 2008

Summary:

- These vulnerabilities affect: OS X 10.4.x (Tiger) and OS X 10.5.x (Leopard), both client and server versions

- How an attacker exploits them: Multiple vectors of attack, including enticing one of your users into visiting a malicious web site, downloading a malicious document, or subscribing to a malicious RSS feed

- Impact: Various results; in the worst case, attacker executes code on your user’s computer, potentially gaining full control of it

- What to do: OS X administrators should download, test and install Security Update 2008-007

Exposure:

Late today, Apple released a security update to fix vulnerabilities in OS X. The update fixes 40 security issues (number based on CVE-IDs) in many software packages that ship as part of OS X, including the Finder, ColorSync, and the PostScript interpreter. Some of these vulnerabilities allow attackers to execute code on your OS X machines, so we rate this update Critical. Apply it as soon as you can. Three of the fixed vulnerabilities of special interest to businesses include:

- Three PHP vulnerabilities. PHP is a scripting language optimized to work well with HTML. It is used on millions of web sites to generate a page dynamically, accepting input from users or from a database. PHP suffers from a buffer overflow vulnerability, and a few other flaws. By luring one of your users to a malicious web site, an attacker could exploit one of these flaws to execute code on that user’s computer.

- Buffer overflow vulnerabilities in rendering color graphics. ColorSync is the component of OS X that helps handle graphic images having an embedded ICC profile. If you shoot a picture with a digital camera and later need to use the picture in a printed brochure, the ICC profile contains the data ColorSync uses to convert the RGB colors from the camera into the CMYK colors a printer understands. ColorSync contains a buffer overflow flaw in the way it handles images that have an embedded ICC profile. There is a wide variety of such images, including PICT, PDF, and PostScript files. If an attacker can get a victim to open a maliciously crafted color image, he could exploit this flaw to execute attack code on the victim’s computer. Apple’s advisory also addresses another buffer overflow in how OS X renders PostScript files.

- Heap buffer overflow in rendering XML documents. XML is a relatively human-legible programming language widely used on the Internet, showing up in uses ranging from vector-based graphics to RSS news feeds. A flaw in the way OS X renders XML documents could allow an attacker to craft a malicious HTML page. If the attacker can get one of your users to visit the page, he could exploit the flaw to execute his code on your user’s computer, possibly taking control of it.

Apple’s alert covers many more flaws, including other code execution flaws in addition to those described above. The remaining vulnerabilities include Denial of Service (DoS) flaws, elevation of privilege flaws, crash vulnerabilities, plus others. Some of the flaws only affect OS X Server. Components patched by this security update include:

- Apache
- ClamAV
- CUPS
- Finder
- launchd
- MySQL Server
- Postfix
- QuickLook
- rlogin
- Script Editor
- Tomcat
- Weblog

Please refer to Apple’s OS X alert for more details.

Solution Path:

Apple has released OS X Security Update 2008-007 to fix these security issues. OS X administrators should download, test, and deploy the update as soon as they can.

- Security Update 2008-007 (PPC)

- Security Update 2008-007 (Intel)

- Security Update 2008-007 (Leopard)

- Security Update 2008-007 Server (PPC)

- Security Update 2008-007 Server (Leopard)

- Security Update 2008-007 Server (Universal)

Note: If you have trouble figuring out which of these patches corresponds to your version of OS X, we recommend that you let OS X’s Software Update utility pick the correct updates for you automatically.

For All Users:

These flaws enable many diverse exploitation methods. Some of the exploits are local, meaning that your perimeter firewall never encounters the attack (unless you use firewalls internally between departments). Installing these updates, therefore, is the most secure course of action.

Status:

Apple has released updates to fix these issues.

References:

- Apple’s October OS X Advisory
