MAAS History
Archives

Entries by drStrangeP0rk (171)

Tuesday, Aug 11, 2009

Microsoft Updates Office Mac 12.2.1 and MS Remote Desktop

If you work within a mixed environment, note that Microsoft has released an update for its Remote Desktop client for Mac addressing heap overflows. Users should make sure to download the latest update and work with MS system administrators; this patch is labeled critical by Microsoft.

They have also released Mac Office fixes related to Open XML, including macro-enabled documents and templates. Users may have encountered a message in Excel that it is unable to open files. Improvements have been made to address compatibility issues. Users should use the auto-update feature of Mac Office or can download it here.

http://www.microsoft.com/downloads/details.aspx?FamilyID=9730452b-e6ad-4330-93e4-57f66293bf1c&displaylang=en

Tuesday, Aug 11, 2009

Safari Update 4.0.3

Apple has released version 4.0.3 of the Safari web browser for the Mac and Windows platforms. Several WebKit issues have been addressed. A buffer overflow in WebKit's parsing of floating point numbers could be exploited by an attacker, leading to DoS or arbitrary code execution. WebKit also allowed the pluginspage attribute of the embed element to reference file URLs from Safari. A redirect to the URL listed in the attribute could allow an attacker to launch or open files. WebKit will now restrict pluginspage URLs to http or https. WebKit's IDN and Unicode embedded schema could be exploited to create a look-alike URL, a spoof that appears to be the legitimate domain. WebKit's list of known look-alike characters has been supplemented, mitigating this exploit.

Apple introduced the Top Sites feature in Safari 4, and it was possible for malicious sites to promote sites into it using automated actions. The Top Sites feature could be used to create a phishing attack or enhanced spoofing. Safari update 4.0.3 ensures that sites cannot access or alter the Top Sites list.

Wednesday, Aug 05, 2009

Mac OSX 10.5.8 Security Update

Apple addresses various CVE-ID issues related to Mac OS X server and clients. These updates should be applied to all systems; the update does require a reboot.

An out-of-bounds memory access fault exists within bzip2, which can lead to a crash caused by a maliciously crafted compressed file. bzip2 is updated to version 1.0.5.

CFNetwork will now return the correct address when Safari encounters a 302 redirect. Previously the certificate warning would include the original site's URL instead of the current URL, so an attacker could control the website URL displayed in a certificate warning.

A maliciously crafted ColorSync profile within an image could allow an attacker to terminate the application or execute code. This was caused by a heap buffer overflow in the handling of images embedded with ColorSync profiles. The validation of these profiles has been expanded and improved. 

Various content has been added to the system's list of unsafe content. This includes various JavaScript code in Safari. Additionally, the update prevents users from using four-finger Multi-Touch gestures to invoke Expose when the screen saver is running.

A stack buffer overflow in the handling of Canon RAW images has been fixed using improved bounds checking. ImageIO's handling of OpenEXR images was also fixed by updating OpenEXR to version 1.6.1. ImageIO also has improved bounds checking and validation, which addresses issues related to specially crafted PNG images that attackers could use.

Improvements have been made to fcntl system calls, which prevent the overwrite of kernel memory that allowed attackers to run code with system privileges. launchd error handling has been improved to prevent DoS issues when opening many connections.

Login Window and Networking issues have been addressed, including format string issues and a maliciously crafted AppleTalk response packet. Also in Networking, the synchronization of a message file descriptor to a socket with no receiver, which caused the system to shut down, has been patched.

Improvements have been made to XQuery and MobileMe. MobileMe will now delete all credentials when signing out of the Preference Pane. (For developers, it is recommended to explore ADC's better authorization example.) XQuery with Unicode code points greater than 255 is now fixed, and Perl Compatible Regular Expressions (PCRE) is updated to version 7.6.

Tuesday, Aug 04, 2009

GarageBand 5.1 Update

When GarageBand is opened, the default for cookies in Safari is changed to always accept cookies. This allows users to be tracked without their knowledge. This update can be installed via Apple Software Update or the link below. This update is part of the iLife update and not part of the version delivered with the default install of OS X.

http://support.apple.com/downloads/#garageband

Monday, Aug 03, 2009

Firefox Version 3.5.2

This version of Firefox addresses a compromise of SSL-protected communication and a heap overflow in certificate regexp parsing. The heap overflow in the handling of regular expressions in certificate names could allow an attacker to run malicious code. Firefox version 3.5 uses industry standard wildcard syntax which is not vulnerable to this flaw.

Dan Kaminsky, who had published the DNS flaw, has discovered a mismatch of domain names in SSL certificates. Someone who wanted to could request a certificate with an invalid or null character. Many Certificate Authorities would issue the certificate with incomplete or invalid information. SSL clients used the invalid certificate information before the null, allowing the attacker to be trusted. In a nutshell, an attacker could obtain a certificate for any web site they wished to attack. The attack could allow for the interception and alteration of the encrypted communication between the client and server. This type of attack could be used to compromise client updates, including the integrity of Firefox updates, as demonstrated by Moxie Marlinspike.
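The null-character mismatch described above, shown as an added example (not code from Firefox, NSS or the original post): a check that treats the certificate name as a C string stops reading at the null, while a length-aware check rejects the name. The struct, the function names and the sample hostnames are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* A certificate name as decoded from ASN.1: raw bytes plus an explicit
   length. Nothing in the encoding forbids a NUL byte inside the name. */
struct cert_name {
    const unsigned char *data;
    size_t len;
};

/* Flawed pattern: compares the name as a C string, so the comparison
   stops at the first NUL and ignores every byte after it. */
int match_cstring(const struct cert_name *cn, const char *host) {
    return strcasecmp((const char *)cn->data, host) == 0;
}

/* Hardened pattern: refuse any name containing a NUL, then require the
   declared length to equal the hostname length before comparing. */
int match_length_aware(const struct cert_name *cn, const char *host) {
    if (memchr(cn->data, '\0', cn->len) != NULL)
        return 0;                    /* embedded NUL: reject the certificate */
    if (cn->len != strlen(host))
        return 0;
    return strncasecmp((const char *)cn->data, host, cn->len) == 0;
}

/* Constructed sample names; the domains are placeholders. The buffers
   are NUL-terminated literals, so the flawed function is safe to run. */
static const unsigned char NUL_NAME[]  = "www.example.com\0.attacker.example";
static const unsigned char GOOD_NAME[] = "www.example.com";

struct cert_name nul_name(void) {
    struct cert_name n = { NUL_NAME, sizeof NUL_NAME - 1 };
    return n;
}

struct cert_name good_name(void) {
    struct cert_name n = { GOOD_NAME, sizeof GOOD_NAME - 1 };
    return n;
}

int main(void) {
    struct cert_name bad = nul_name(), ok = good_name();
    printf("C-string check, NUL name:      %d\n", match_cstring(&bad, "www.example.com"));
    printf("length-aware check, NUL name:  %d\n", match_length_aware(&bad, "www.example.com"));
    printf("length-aware check, good name: %d\n", match_length_aware(&ok, "www.example.com"));
    return 0;
}
```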