A total of 69 security holes patched across Mac OS X versions 10.5 and 10.6

Mar 30, 2010 08:21 GMT

Apple has posted a document that describes the security fixes included in Security Update 2010-002, some of which also made their way in Mac OS X v10.6.3, the latest incremental update to Apple’s Snow Leopard operating system. None of the patches addresses any Mac OS X 10.4 Tiger issues, therefore Apple hasn’t released a Tiger-specific version of the update. However, the hefty package does include a number of Mac OS X 10.5 Leopard fixes.

For example, the first issue listed by Apple in Support document HT4077 (About the security content of Security Update 2010-002 / Mac OS X v10.6.3) affects only Mac OS X v10.5.8, the latest version of Apple’s Leopard OS, in both its Client and Server editions. “A buffer overflow exists in the spell checking feature used by Cocoa applications,” the problem is described. “Spell checking a maliciously crafted document may lead to an unexpected application termination or arbitrary code execution,” Apple explains, adding that it has addressed the issue through improved bounds checking. This particular security hole, like many others, does not affect Mac OS X 10.6, Snow Leopard.

There are, of course, issues that affect only Snow Leopard. One of them, present in Mac OS X 10.6 through v10.6.2, means that “Playing maliciously crafted audio content may lead to an unexpected application termination or arbitrary code execution,” Apple reveals. The vulnerability is caused by a memory corruption issue in the handling of QDM2 encoded audio content. “This issue is addressed through improved bounds checking,” Apple states. The Mac maker also credits an anonymous researcher working with TippingPoint's Zero Day Initiative for reporting the issue.

Apple points out that the same type of heap buffer overflow exists in CoreMedia's handling of H.263 encoded movie files. This issue is addressed in a similar manner, by performing additional validation of H.263 encoded movie files.

However, there are vulnerabilities that affect both Mac OS X 10.6 Snow Leopard and Mac OS X 10.5 Leopard. A good example is a problem with mounting a maliciously crafted disk image, which may lead to unexpected application termination or arbitrary code execution. The error occurs because of a memory corruption issue in Mac OS X’s handling of bzip2 compressed disk images. As usual, this issue has been addressed through improved bounds checking.

For a complete list of fixes delivered in Apple’s 2010-002 Security Update as well as in Mac OS X 10.6.3, read through the aforementioned Support document. The download links below serve Mac users looking to update their systems.

Download Mac OS X 10.6.3 (Free)

Download Security Update 2010-002 (Free)