Apple updates iPhoto 7.1.2 with a security fix

A new security update is available for Mac OS X users running the program that's part of iLife 08.

February 5, 2008 1:58 PM PST

On Tuesday, Apple issued a security update for iPhoto. The update is for users of Mac OS X v10.4.9 or later running iPhoto '08 (part of iLife 08). It addresses the vulnerability detailed in CVE-2008-0043.

To be vulnerable, Apple says, a user must subscribe to a maliciously crafted photocast. A remote attacker may then execute arbitrary code on the compromised machine. The fix addresses how iPhoto handles format strings when processing photocast subscriptions.

Apple credits Nathan McFeters of Ernst & Young's Advanced Security Center for reporting this vulnerability.

CNET Update

Google talks back in new voice search

Desktop users can have a conversation with Google search (sort of), the Kwikset Kevo locks doors with a finger tap, and Twitter adds a new twist for marketers.

Play Video