New Apple patch plugs Wi-Fi hijack flaws

A trio of security flaws in Apple Computer software that runs wireless-networking hardware could allow Macs to be hijacked over Wi-Fi, Apple said Thursday.

The Cupertino, Calif.-based company released security updates to repair the problems, which together affect the AirPort wireless driver in Mac OS X 10 Panther version 10.3.9 and Mac OS X Tiger 10.4.7, according to Apple’s security alert. Both Intel-based and Power PC-based versions of the Mac operating system are affected, on regular computers as well as on servers, Apple said.

“Attackers on the wireless network may cause arbitrary code execution,” Apple said in the alert describing one of the flaws. “Arbitrary code execution” means the intruder can commandeer the system. The other two flaws allow the same type of compromise, but can also cause system crashes or, in one case, privilege escalation, the Mac maker said.

There are no known exploits for the vulnerabilities addressed by the update, Apple said. This means people should not be under immediate threat of attack.

Related Posts

1. Firefox 1.5.0.5 update plugs ‘critical’ holes
2. KaZaA To Patch ‘Serious’ Vulnerability
3. More security problems bite Apple
4. Report: Major Windows security update foiled
5. Firefox JavaScript security “a complete mess”? More like a hoax