Apple fixes potential wireless security flaws in OS XBy Justin Mann
Apple has recently updated OS X for both Intel-based and Power PC-based Macs, versions 10.3.9 and 10.4.7. The updates include three security patches for flaws discovered in the wireless networking portions of the OS. Affecting desktops and servers equally, they could theoretically allow someone to execute arbitrary code on a vulnerable system, leaving it open to be taken over or otherwise compromised:
"Attackers on the wireless network may cause arbitrary code execution," Apple said in the alert describing one of the flaws. "Arbitrary code execution" means that the intruder can commandeer the system. The other two flaws allow the same type of compromise, but can also cause system crashes or, in one case, privilege escalation, the Mac maker said.
The flaws don't have known ways of exploiting them in the wild, according to Apple, in which case this is a very proactive measure to ensure nothing goes wrong. Apple is stating that overall they have improved the security of their driver set:
"Today's update preemptively strengthens our drivers against potential vulnerabilities, and while it addresses issues found internally by Apple, we are open to hearing from security researchers on how to improve security on the Mac," the representative added.
If you're using OS X, be sure to get the update.