11 November 2008, 10:04
Apple patches critical holes in iLife
Apple has released iLife Support 8.3.1, a security update for iLife that closes three critical security holes. All three holes make it possible for attackers to inject their own code onto a computer and execute it using specially crafted TIFF and JPEG images. For the attack to work, the victim has to open the images. The vulnerabilities are caused by a number of memory errors that occur when ImageIO processes images.
Only MacOS X 10.4.9 to 10.4.11, Mac OS X Tiger, are affected. The 12 MB downloadable update is only available for version 10.4.11; 10.4.9 users should update to 10.4.11 then install the update. Apple fixed the same problems in Mac OS X 10.5, Leopard, in an updated delivered in September
See also:
- About the security content of iLife Support 8.3.1, Apple report
(djwm)
Print Version | Send by email
| Permalink: http://h-online.com/-738063
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
