Apple Fixes Hole With Mac Os X Image Viewing


Recommended Posts

Apple fixes hole with Mac OS X image viewing

by Elinor Mills

Apple on Wednesday issued a security update that fixes 18 vulnerabilities including several that put computers running Mac OS X at risk of remote code execution if a maliciously crafted image is viewed.

In addition to fixing a problem with how PNG images are handled, Security Update 2009-003 fixes issues related to ImageIO's handling of OpenEXR images, EXIF metadata, as well as Canon RAW images and images with an embedded ColorSync profile.

The update, which arrives as part of the release of Mac OS X v10.5.8, extends the list of content types the Mac OS X will flag as potentially unsafe when downloaded from the Web. It also fixes a problem with how XML content is handled and resolves the way the kernel handles AppleTalk response packets.

Apple also identified and fixed a problem with MobileMe. Signing out of MobileMe does not remove all credentials and a person with access to the local user account could continue to access associated systems.

Originally posted at InSecurity Complex

cnet news - http://news.cnet.com/security/

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...