X

Fix in for Apple flaw

Xsan Filesystem patch tackles flaws in Mac OS X versions that could allow attackers to execute arbitrary code or crash a system.

Dawn Kawamoto
Dawn Kawamoto Former Staff writer, CNET News
Dawn Kawamoto covered enterprise security and financial news relating to technology for CNET News.

Apple Computer issued a patch for its Xsan Filesystem software on Thursday, designed to fix vulnerabilities that could allow attackers to execute arbitrary code or crash a system. The patch, Xsan Filesystem 1.4, is targeted at systems running Mac OS X version 10.4.7 and Mac OS X Server version 10.4.7.

The Xsan Filesystem flaws could enable a malicious attacker to launch a buffer overflow attack when the software driver is processing a path name. That could lead to a system crash or arbitrary code execution with system privileges, Apple said.