3 August 2007 @ 14:47

A fix for the Apple worm?

Apple has issued a “fix” for the recently revealed mDNSResponder exploit. This “fix” comes in the form of Security Update 2007-007. From Apple’s site:

CVE-ID: CVE-2007-3744

Available for: Mac OS X v10.4.10, Mac OS X Server v10.4.10

Impact: An attacker on the local network may be able to cause a denial of service or arbitrary code execution

Description: A buffer overflow vulnerability exists in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) code used to create Port Mappings on home NAT gateways in the Mac OS X implementation of mDNSResponder. By sending a maliciously crafted packet, an attacker on the local network can trigger the overflow which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by removing UPnP IGD support. This issue does not affect systems prior to Mac OS X v10.4.

I’m not sure if Apple simply removed what was broken (UPnP IGD support) or fixed a different issue. Either way, I would rather a weakness be removed until it can be fortified than left open until a fix is developed.

Is there truly a connection between this security update and the revelation by InfoSec Sellout that a worm had been written that took advantage of this bug in mDNSResponder? At this point, we can only speculate.
