Apple releases Security Update 2006-002

CNET staff

Apple has released Security Update 2006-002, which plugs the following security vulnerabilities:

CoreTypes

  • Available for: Mac OS X v10.4.5, Mac OS X Server v10.4.5
  • Impact: Remote web sites can cause JavaScript to bypass the same-origin policy
  • Description: When documents containing JavaScript are loaded from a remote site, data access is restricted by the same-origin policy. However, under certain situations, maliciously-crafted archives can cause these restrictions to be bypassed. This update addresses the issue by flagging these documents as unsafe.

Mail

  • Available for: Mac OS X v10.4.5, Mac OS X Server v10.4.5
  • Impact: Double-clicking an attachment in Mail may result in arbitrary code execution
  • Description: By preparing a specially-crafted email message with attachments, and enticing a user to double-click on that attachment within Mail, an attacker may trigger a buffer overflow. This could result in the execution of arbitrary code with the privileges of the user running Mail. This update addresses the issue by performing additional bounds checking. This issue does not affect systems prior to Mac OS X v10.4. Credit to Kevin Finisterre of DigitalMunition for reporting this issue.
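The Mail fix above is described only as "additional bounds checking". As an added illustration (not Apple's code, and not derived from the actual Mail defect, whose details the notice does not give), the following C shows the general shape of such a check when an attacker-controlled attachment field is copied into a fixed-size buffer: the length of the source is compared against the destination before any copy, and an oversized value is rejected rather than truncated or written past the end. The header format, the `name=` key and the buffer size are constructed for the example.

```c
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Fixed-size destination, as a parser for an attachment header might use.
 * The size is an assumption for this example. */
#define NAME_BUF 32

/* Copy an untrusted attachment name into a fixed buffer.
 * Returns 0 on success, -1 if the name would not fit together with its
 * terminating NUL. The caller must treat -1 as "reject this part" and
 * never use dst after a failure. */
int copy_attachment_name(char *dst, size_t dst_len,
                         const char *src, size_t src_len)
{
    if (dst == NULL || src == NULL || dst_len == 0)
        return -1;
    /* Bounds check: src_len bytes plus one NUL must fit in dst_len.
     * Without this comparison an overlong name overruns dst. */
    if (src_len >= dst_len)
        return -1;
    memcpy(dst, src, src_len);
    dst[src_len] = '\0';
    return 0;
}

/* Constructed sample parser: pull the value out of a "name=<value>"
 * header fragment, using the fragment's explicit length rather than
 * trusting it to be NUL-terminated. */
int extract_name(const char *hdr, size_t hdr_len, char *out, size_t out_len)
{
    const char *key = "name=";
    size_t klen = strlen(key);
    if (hdr == NULL || hdr_len < klen || memcmp(hdr, key, klen) != 0)
        return -1;
    return copy_attachment_name(out, out_len, hdr + klen, hdr_len - klen);
}

int main(void)
{
    char name[NAME_BUF];
    const char good[] = "name=report.pdf";
    char oversized[200];

    /* Constructed input: a name far longer than the destination buffer. */
    memset(oversized, 'A', sizeof oversized);
    memcpy(oversized, "name=", 5);

    printf("good header: %d\n", extract_name(good, sizeof good - 1, name, sizeof name));
    printf("oversized header: %d\n", extract_name(oversized, sizeof oversized, name, sizeof name));
    return 0;
}
```

The check is deliberately placed in the copy helper rather than in each caller, so every path that fills the buffer gets the same bound; the failure is reported as an error code so the message part can be refused instead of being processed with a half-written name.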

Safari, LaunchServices, CoreTypes

  • Available for: Mac OS X v10.4.5, Mac OS X Server v10.4.5
  • Impact: Viewing a malicious web site may result in arbitrary code execution
  • Description: Security Update 2006-001 addressed an issue where Safari could automatically open a file which appears to be a safe file type, such as an image or movie, but is actually an application. This update provides additional checks to identify variations of the malicious file types addressed in Security Update 2006-001 so that they are not automatically opened. This issue does not affect systems prior to Mac OS X v10.4. Credit to Will Dormann of CERT/CC and Andris Baumberger for reporting several of these issues.

The following non-security issues introduced by Security Update 2006-001 are also addressed by this update:

Download Validation

Security Update 2006-001 could cause the user to be warned when provided with certain safe file types, such as Word documents, and folders containing custom icons. These unneeded warnings are removed with this update.

apache_mod_php

A regression in PHP 4.4.1 that could prevent SquirrelMail from functioning is corrected with this update.

rsync

A regression in rsync that prevented the "--delete" command line option from functioning is corrected with this update.

The new release is available through Software Update, or via the download links listed under Resources below:

If you experience problems with this release, please let us know at late-breakers@macfixit.com.

Resources

  • Security Update 2006-002 Mac OS X 10.4.5 (PPC) [13.9 MB]
  • Security Update 2006-002 Mac OS X 10.4.5 Client (Intel) [15.4 MB]
  • Security Update 2006-002 (10.3.9 Client) [25.3 MB]
  • Security Update 2006-002 (10.3.9 Server) [38.6 MB]
  • late-breakers@macfixit.com