Apple updates Airport Drivers
Apple today released an urgent update for OS X, fixing arbitrary code executing issues with its airport drivers. This is likely going to fix the issues demoed at Blackhat. This demo ignited a controversy as Apple never actualy acknowledged that such a vulnerability exists. The researchers at the time where careful not to demo the exploit outside of a controlled lab in order to not release the exploit (after all... its "wireless").
The full advisory notes 3(!) arbitrary code execution issues fixed by this patch. The advisory mentions that there is no known exploit, and does not give credit to anyone for discovering the vulnerability.
I recommend applying the patch ASAP. However, you will only be able to download the full patch "as is". Patches for the individual vulnerabilities are not provided. Interestingly, OS-X update labels the patch a "wireless network reliability fix".
0 comment(s)
The full advisory notes 3(!) arbitrary code execution issues fixed by this patch. The advisory mentions that there is no known exploit, and does not give credit to anyone for discovering the vulnerability.
I recommend applying the patch ASAP. However, you will only be able to download the full patch "as is". Patches for the individual vulnerabilities are not provided. Interestingly, OS-X update labels the patch a "wireless network reliability fix".
For more background from Brian Krebs, see his latest blog.
My next class:
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
×
Diary Archives
Comments