Seucrity Update 2010-003 addresses zero-day bug

Apple products and Mac operating systems. Including discussions on Virtual PC for Mac, Parallels Desktop for Mac, all Apple hardware and everything relating to Apple and Mac!
(MacCentre701)

Seucrity Update 2010-003 addresses zero-day bug

Postby Antony » Thu 15 Apr, 2010 8:00 am

Image

Apple has released the first Security Update 2010-003 for Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.3, Mac OS X Server v10.6.3. This update address vulnerabilities including fixing zero day bugs. Apple said:
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.3, Mac OS X Server v10.6.3

Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.

Description: An unchecked index issue exists in Apple Type Services' handling of embedded fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. This issue is addressed through improved index checking. Credit to Charlie Miller working with TippingPoint's Zero Day Initiative for reporting this issue.


For details about this security update, please refer to About Security Update 2010-003 page.

Security Update 2010-003 can be downloaded from Apple Software Update under Apple menu or from Apple's Support Download site.
UserAgent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3
User avatar
Antony
diamond member
diamond member
 
Posts: 15262
Joined: Tue 18 Jun, 2002 11:36 pm
Location: Sydney, Australia

Return to Mac OS and Apple

Who is online

Registered users: Bing [Bot], Exabot [Bot], Google [Bot], Yahoo [Bot]
cron