Apple's Latest OS Fixes

Download our in-depth report: The Ultimate Guide to IT Security Vendors

Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  
The latest version of Apple's operating system includes the usual security updates, networking improvements and bug fixes. It will also be the last update before the company releases its next big OS.

One security fix in Mac OS X 10.4.7 addresses information disclosure in the AppleShare File Protocol (AFP).

AFP could have allowed unauthorized users to get search results for files and folders for which the user should not have access to. According to Apple's advisory, "this could result in information disclosure if the names themselves are sensitive information."

ImageIO, which handles images in Mac OS X, is also updated due to a potential arbitrary code execution risk that could occur if a user encounters a maliciously crafted TIFF image.

This is not the first time that Apple has had to update ImageIO to protect against a potential image-based attack.

Apple's last major security update, Security Update 2006-003, also fixed an issue with ImageIO.

The 10.4.7 release also addresses two issues in open source Applications that are included in the operating system.

ClamAV, which is an antivirus scanner, is updated to protect against a potential stack-based buffer overflow vulnerability. And OpenLDAP, which provides LDAP (define) user authentication, is now protected against a potential denial-of-service vulnerability.

On the networking side, 10.4.7 includes a long list of bug fixes and a few feature improvements.

OS X now has the ability to respond to Layer 2 Multicast ARPs (define).

ARP (Address Resolution Protocol) enables the translation of Ethernet MAC addresses from IP addresses. Apple's Virtual Private Network (VPN) (define) client is now more compatible with Cisco's VPN via its new support for group on Cisco VPN servers.

Syncing is also improved in the 10.4.7 release.

This article was first published on InternetNews.com. To read the full article, click here.

Submit a Comment

Loading Comments...