Mac OS X 10.6 gets man in the middle vulnerability patch

Rectifies format string issues in certain OS X versions that can be used for code execution exploits.

Apple has issued a PackageKit update which solves existing vulnerabilities in Mac OS X versions 10.6 and later. The vulnerability in PackageKit’s distribution format strings can be used by attackers to cause application termination or arbitrary code execution.

The vulnerability is usually exploited when Software Update checks for new updates. Apple claims to have addressed this issue through improved validation of distribution scripts. The update (CVE-2010-4013) is available for Mac OS X v10.6 through v10.6.5, Mac OS X Server v10.6 through v10.6.5.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Hackers and cybercrime prevention

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close