One security fix in Mac OS X 10.4.7 addresses information disclosure in the AppleShare File Protocol (AFP).
AFP could have allowed unauthorized users to get search results for files and folders to which the user should not have access. According to Apple's advisory, "this could result in information disclosure if the names themselves are sensitive information."
ImageIO, which handles images in Mac OS X, is also updated due to a potential arbitrary code execution risk that could occur if a user encounters a maliciously crafted TIFF image. This is not the first time that Apple has had to update ImageIO to protect against a potential image-based attack.
Apple's last major security update, Security Update 2006-003, also fixed an issue with ImageIO.
The 10.4.7 release also addresses two issues in open source applications that are included in the operating system.
ClamAV, which is an antivirus scanner, is updated to protect against a potential stack-based buffer overflow vulnerability. And OpenLDAP, which provides LDAP user authentication, is now protected against a potential denial-of-service vulnerability.
On the networking side, 10.4.7 includes a long list of bug fixes and a few feature improvements.
OS X now has the ability to respond to Layer 2 Multicast ARPs.
ARP (Address Resolution Protocol) enables the translation of IP addresses to Ethernet MAC addresses.
Apple's Virtual Private Network (VPN) client is now more compatible with Cisco's VPN via its new support for group on Cisco VPN servers.
Syncing is also improved in the 10.4.7 release.