Web Design Directory

  w   w   w   .   d   e   s   i   g   n   d   i   r   .   n   e   t
An industry leading web design, hosting and development directory. We bring together the best web designers and their customers. Find the lates website business news and updates.
Search DesingnDIR
Advertising | Submit Site »
   » Home Page / Industry News  
  Find Services Provider       Technology Stories        WebSite Services   
Apple Patches 17 Mac OS X Vulnerabilities

2007-05-28 17:06:00

On Thursday, Apple released its fifth major security update for Mac OS X. The release fixes 17 vulnerabilities, about one-third of which leave the door open for hackers to commandeer a Mac remotely.

Unlike other 2007 security updates, Apple's Thursday release did not patch any vulnerabilities stemming from the Month of Apple Bugs project. And most of the bugs were ranked less than critical on Apple's rating scale.

About half of the vulnerabilities identified in Security Update 2007-005, for example, do little more than lead to possible attacks that cause the affected component to crash. Only five of the flaws would let attackers put malicious code on a victim's computer.

Dangerous Bugs

The CoreGraphics bug is among the most serious vulnerabilities patched in the latest security release. By enticing a user to open a maliciously crafted PDF, an attacker could trigger an overflow that might lead to an unexpected application crash or arbitrary code execution. The Apple security update addresses the issue by performing additional validation of PDF files.

Also of note is a dangerous flaw in iChat, Apple's instant-messaging service. A buffer-overflow vulnerability exists in the code used to create iChat port mappings on home NAT gateways.

By sending a maliciously crafted packet, an attacker on the local network could trigger an overflow that could lead to an unexpected application crash or arbitrary code execution. The update addresses the issue by performing additional validation when processing data packets in iChat.

More Back Doors

In certain circumstances, an implementation issue in Alias Manager will not show identically named files contained in identically named mounted disk images. This can leave some wiggle room for attackers.

By enticing a user to mount two identically named disk images, an attacker could mislead the user into opening a malicious program. The update addresses the issue by performing additional validation.

In other flaws, a cryptographic weakness in fetchmail could lead to the disclosure of fetchmail passwords. Meanwile, a local user might obtain system privileges through a format string vulnerability in VPN, and a file-handling issue that exists in texinfo might allow a local user to create or overwrite files with the privileges of the user running texinfo.

Mac users can download the security updates from Apple's site or by using the Mac's built-in update tool.

Open source JBoss Rules gains speed
JBoss is announcing Monday a faster version of JBoss Rules, the company's open source business rules engine.
Google offers to run site search engines
Google Inc. is offering to run the search engines of small Web sites for as little as $100 per year, marking the company's latest attempt to make more money off technology that already steers much of the Internet's traffic.
Bloggers consider forming labor union
In a move that might make some people scratch their heads, a loosely formed coalition of left-leaning bloggers are trying to band together to form a labor union they hope will help them receive health insurance, conduct collective bargaining or even set professional standards.
Apple plans iMac desktop upgrade
Apple plans to upgrade its iMac desktop PC line on Tuesday with a flashier design and thinner keyboard, according to comments and photos on industry blogs. Apple did not return calls for comment, but has already announced that it will hold a news conference that day at its Cupertino, California, headquarters.
IBM Information Server Blade does data integration
For years IBM has doggedly pursued the massive problem of pulling data strewn across the enterprise into an integrated, harmonious whole. At LinuxWorld on Monday, the company introduced IBM Information Server Blade, an appliance-like bundle intended to make the Herculean task of enterprise data integration faster and easier.
Mozilla Says It Can Patch Flaws in Ten Days
A Mozilla Corp. executive has vowed that his company can patch any critical vulnerability in its software within 10 days, a sign that Mozilla may intend to step up its efforts to improve security.
HP Offers Open-Source Code
Hewlett-Packard is releasing to the open source community the computer code for a software programming interface that helps manage large data sets in high performance computing environments.
OSA debuts CCV interoperability prototype
Nonprofit vendor consortium the Open Solutions Alliance (OSA) made good on its April promise to deliver a prototype demonstrating interoperability between open-source and proprietary business applications in time for LinuxWorld this week.
Dell, Red Hat mix and match OS and application stack
Red Hat and Linux continued its move up and down the enterprise operating stack with the announcement this week by Dell that it would offer its customers the Red Hat middleware stack on Dell PowerEdge servers.
EnterpriseDB releases PostgreSQL distribution
EnterpriseDB has released a new distribution of the PostgreSQL open-source database, hoping to expand the use of the software and compete better with MySQL.


   
» Web Hosting Interviews
Web Hosting interviews, news and reviews. Compare the Best web hosting providers.
» Daw - Web Hosting Blog
Views and Comments about Hosting Industry. News, Trends, Products and Sevices.
» Your WebSite Here
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371


» Submit your site to Web Design Directory

About Us | Advertising | Privacy | Terms Of Use | Contact Us

© DesignDIR.net 2003 - 2017, part of of Business Address Network. All Rights Reserved!