It’s Microsoft Patch Tuesday…and what a perfect time to release a security patch for Mac. Don’t get me wrong. I’m a huge Mac fan. I just find it amusing that they released it the day before. Hoping to get lost in the shuffle perhaps?
The fixes on the block today from Apple are,
- Directory Services – CVE-ID: CVE-2007-0355 – Impact: A local user may be able to execute arbitrary code with system privileges
- Foundation – CVE-ID: CVE-2008-0035 – Impact: Accessing a maliciously crafted URL may lead to an application termination or arbitrary code execution
- Launch Services – CVE-ID: CVE-2008-0038 – Impact: An application removed from the system may still be launched via the Time Machine backup
- Mail – CVE-ID: CVE-2008-0039 – Impact: Accessing a URL in a message may lead to arbitrary code execution
- NFS – CVE-ID: CVE-2008-0040 – Impact: If the system is being used as an NFS client or server, a remote attacker may cause an unexpected system shutdown or arbitrary code execution
- Open Directory – Impact: NTLM authentication requests may always fail – (Tiger only)
- Parental Controls – CVE-ID: CVE-2008-0041 – Impact: Requesting to unblock a website leads to information disclosure
- Samba – CVE-ID: CVE-2007-6015 – Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution
- Terminal – CVE-ID: CVE-2008-0042 – Impact: Viewing a maliciously crafted web page may lead to arbitrary code execution
- X11 – CVE-ID: CVE-2007-4568 – Impact: Multiple Vulnerabilities exist in X11 X Font Server (XFS) 1.0.4
- X11 – CVE-ID: CVE-2008-0037 – Impact: Changing the settings in the Security Preferences Panel has no effect
[tags]Apple Security, Apple Patches, 10.5.2, Security Patching[/tags]
