Apple has issued a security fix for its iPhoto software to stop
users being infected with malicious photos.
The bug being plugged could have allowed an attacker to entice a
victim into subscribing to a maliciously crafted photocast.
The security fix comes with an update for iPhoto '08 distributed
this week.
The new iPhoto '08 7.1.2 addresses a flaw in iPhoto '08 version
7.1. If a user had received a malicious photocast, the attacker
could have executed code on the victim's system.
"This update addresses the issue through improved handling of
format strings when processing photocast subscriptions,"
Apple said.
