Apple has fixed one of the Mac OS X Wi-Fi flaws reported by the
researcher LMH during his Month of Kernel Bugs project in November.
Local attackers could exploit the flaw over a wireless network to
crash the victim's machine.
In his original
advisory from the Month of Kernel Bugs, LMH said Apple's
Airport Extreme driver fails to handle certain beacon frames,
leading to out-of-bounds memory access and resulting in a so-called
kernel panic.
Apple said in its 305031
advisory,"An attacker in local proximity may be able to trigger
a system crash by sending a maliciously-crafted frame to an
affected system."
The problem affects the Core Duo version of Mac mini, MacBook,
and MacBook Pro computers equipped with wireless. Other systems,
including the Core 2 Duo versions are not affected. Apple said its
security update addresses the issue by performing additional
validation of wireless frames.
LMH is now engaged in a
Month of Apple Bugs project. His two "Month-of" projects were
inspired by the
Month of Browser Bugs project launched by Metasploit Framework
creator H.D. Moore in July.
In a recent interview conducted by email, LMH explained his
motivation to disclose flaws in this manner.
"It's better to have someone disclosing your security flaws than
having them known by the bad guys only," he responded. "This pushes
the vendor to change its procedures and policies for vulnerability
handling and disclosure. And that's where users benefit."
However, some
security experts have criticized such disclosure projects as
something designed more for press attention than better
security.