
At the end of last week, Apple released a Security and AirPort update that addresses vulnerabilities found in the wireless drivers. According to Apple, the issues fixed were found through an internal audit of the software drivers, and no known exploits for them exist in the wild.
Apple has clearly stated that SecureWorks provided no proof that Mac drivers are vulnerable in any way.
"They did not supply us with any information to allow us to identify a specific problem, so we initiated an internal audit," Apple spokesman, Anuj Nayar, told Macworld. "Today's update preemptively strengthens our drivers against potential vulnerabilities, and while it addresses issues found internally by Apple, we are open to hearing from security researchers on how to improve security on the Mac."
According to the update notes, there were two separate stack buffer overflows in the AirPort wireless driver's handling of malformed frames. These would allow an attacker in close proximity to trigger an overflow by injecting a maliciously crafted frame into a wireless network. When AirPort is on, this could lead to arbitrary code execution with system privileges.
Similarly, a heap buffer overflow could have allowed attackers on a wireless network to cause system crashes, privilege elevation or arbitrary code execution.
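The stack overflows in frame handling described above belong to a bug class that length validation prevents. The following is an added example, not Apple's driver code: the update notes do not say which frame field was affected, so the SSID element, the function name `parse_ssid` and the sample frames are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define IE_SSID  0    /* 802.11 element ID for the SSID */
#define SSID_MAX 32   /* maximum SSID length allowed by 802.11 */

/* Result codes (hypothetical names for this example). */
enum { PARSE_OK = 0, PARSE_TRUNCATED = -1, PARSE_OVERSIZE = -2, PARSE_NO_SSID = -3 };

/* Constructed sample element lists (id, len, data), not captured traffic. */
static const uint8_t well_formed[]     = {0x01, 0x02, 0x82, 0x84, 0x00, 0x04, 'h', 'o', 'm', 'e'};
static const uint8_t oversize_ssid[42] = {0x00, 40};            /* SSID claims 40 bytes */
static const uint8_t truncated[]       = {0x00, 0x10, 'a', 'b'}; /* claims 16, carries 2 */

/*
 * Walk the tagged elements of a management frame body and copy the SSID
 * into a fixed 32-byte buffer. Every length read from the frame is checked
 * against the bytes remaining and against the destination size before the
 * copy; a memcpy that trusts the on-air length byte is the overflow.
 */
int parse_ssid(const uint8_t *body, size_t body_len,
               uint8_t ssid[SSID_MAX], size_t *ssid_len)
{
    size_t off = 0;
    while (off < body_len) {
        if (body_len - off < 2)        /* element header is cut short */
            return PARSE_TRUNCATED;
        uint8_t id  = body[off];
        uint8_t len = body[off + 1];
        off += 2;
        if (len > body_len - off)      /* element claims more than the frame holds */
            return PARSE_TRUNCATED;
        if (id == IE_SSID) {
            if (len > SSID_MAX)        /* would overflow the fixed buffer */
                return PARSE_OVERSIZE;
            memcpy(ssid, body + off, len);
            *ssid_len = len;
            return PARSE_OK;
        }
        off += len;                    /* skip elements not handled here */
    }
    return PARSE_NO_SSID;
}
```

A driver would drop the frame on any non-zero result rather than continue parsing it.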