8/4/2006
- MacBooks Used to Demonstrate WiFi Vulnerabilities at Black
Hat
A
few days ago, news
broke of Jon Ellch and David Maynor's presentation at
this year's Black
Hat conference, where they target a specific security
flaw in the MacBook's wireless card driver in order to gain
total control of the machine. This years conference also includes
a discussion on "Attacking Apple's Xsan" by Charles
Edge of Three18....
8/3/2006
- MacScan 2.2 Released
We
almost overlooked this one. Securemac has released MacScan
2.2. This release "improves scanning of spyware,
definition updates, improved stability and support for OS
10.2"
While
some may argue that the items which MacScan detects do not
fall under the consentual defintion of "Spyware"..it's
an interesting release to note nonetheless.
8/3/2006
- Mac OS X Server serialnumberd Firewall Modification Vulnerability
It
appears as though serialnumberd will always re-enable UDP
port 626, even if this port is explicitly disabled via the
Firewall preference pane GUI. So..which administrators may
have purposefully disabled this, the port may still be active,
and accepting requests on this port. Rentzsch.com
has ported a quicktime video of this behavior.
8/1/2006
- Mac OS X Security Update 2006-004
Apple
has released Security
Update 2006-004. The following components have been updated:
- AFPServer
- Bluetooth
- Bom
- DHCP
- dyld
- fetchmail
- gunzip
- Image RAW
- ImageIO
- LaunchServices
- OpenSSH
- telnet
- Webkit
- Appkit, ImageIO
For
full details on each of the security updates, check our "Security
Update 2006-004" page.
7/31/2006
- Safari KHTMLParser::popOneBlock
7/31/2006
marks the last day of HD Moore's efforts at browserfun.blogspot.com.
The 7/31 update is a Safari vulnerability. According to the
site, "Safari will dereference and call a pointer from
the heap if a script element, inside a div element, redefines
the document body. Code execution is possible, but more time
is required to develop a reliable exploit.". Read the
full
post here.
7/31/2006
- Intego ContentBarrier X4 - 10.4.1
Version
10.4.1 of ContentBarrier
has been released. New features include:
- New: Japanese, Italian, Spanish localizations
- New: Instant website unlocking is also available when
using "Restricted Access" profile and when ContentBarrier
password protection is disabled
- Performance improvements
- Enhanced reliability on Mac Intel
|