January 25, 2007 7:00 PM PST

Apple closes Wi-Fi hole

Apple late on Thursday released a security update to plug a publicly known security hole in its AirPort product.

The update fixes a vulnerability that affects both the server and client versions of Mac OS X, Apple said in its alert. The problem was disclosed in November as part of the Month of Kernel Bugs campaign.

An attacker could exploit the flaw over a wireless network by sending malicious data to a vulnerable Mac, Apple said. "An attacker in local proximity may be able to trigger a system crash by sending a maliciously crafted frame to an affected system," it said in the alert.

The issue affects the Intel Core Duo-based versions of Mac mini, MacBook and MacBook Pro computers equipped with wireless, Apple said. Other systems, including the Core 2 Duo versions of the same machines are not affected, it said.

Apple fixed the issue by adding more validation of wireless frames, the Cupertino, Calif., company said. The AirPort Extreme Update 2007-001 can be obtained from the Software Update feature in Mac OS X or Apple's Software Downloads Web site.

Vulnerabilities in the Mac OS X have been rising, leading some experts to note that the Macintosh platform is not impervious to security problems. The vast majority of security vulnerabilities, however, affect computers running Microsoft Windows. Also, attacks on Macs have largely been theoretical so far.

See more CNET content tagged:
Apple Computer, Apple Macintosh, vulnerability, Apple Mac OS X, Apple Mac OS

9 comments

Join the conversation!
Add your comment
Finally!
A balanced article about Apple from C|net. Will wonders never
cease.
Posted by lkrupp (1608 comments )
Reply Link Flag
You've got something backward
Normally cnet is anti-Apple, so you have no credibility whatsoever.
Even this article has a few stinkers in it.

Have a nice day!
Posted by lesfilip (496 comments )
Link Flag
Finally
Apple patched an outstanding flaw in there product threatening there user base after spending so much energy telling us how it didn't exist in the first place.

CNet's balance has nothing todo with it. They seem to always be balanced against the preferences of the person making the statement.

Last week they where all bout Vista and cult of apple complained. This week it'll be all about Apple and Microsurfs will complain. Heck, I'm just happy they are starting to include more FOSS news.
Posted by jabbotts (492 comments )
Link Flag
The Truth Hurts
It has been claimed that CNet does not balance their reporting when discussing Apple products. I don't see it.

In this report however, Apple users shouldn't think the PC users are out to get them. It's time to get over whatever they're suffering from (those that do, not every Apple user), and join those of us who focus want the computer community to strive to make things better for everyone.

This vulnerability should have been patched much, much earlier. But now that it has, it's time to spread the word so everyone benefits from the patch. Even those who own PC's but look to own Apple products soon.

PC users won't laugh...honest. In fact, you'll find that many will welcome you in to their security circles.
Posted by Joe Koskovics (18 comments )
Reply Link Flag
The Truth Hurts
It has been claimed that CNet does not balance their reporting when discussing Apple products. I don't see it.

In this report however, Apple users shouldn't think the PC users are out to get them. It's time to get over whatever they're suffering from (those that do, not every Apple user), and join those of us who focus, and want the computer community to strive to make things better for everyone.

This vulnerability should have been patched much, much earlier. But now that it has, it's time to spread the word so everyone benefits from the patch. Even those who own PC's but look to own Apple products soon.

PC users won't laugh...honest. In fact, you'll find that many will welcome you in to their security circles.
Posted by Joe Koskovics (18 comments )
Reply Link Flag
LOL... who said Macs were impervious?
"Vulnerabilities in the Mac OS X have been rising, leading some
experts to note that the Macintosh platform is not impervious to
security problems."

LOL... that took experts to note? I don't think anyone is saying
the Mac is impervious to attack. It is just way less likely to be
attacked, both due to the percentage of it being targeted, as well
as the fact that it is less likely to be attacked by design. This
doesn't mean it is safe, just that is safer.

I live near a small grad school campus where my wife attends.
I've helped a good number of (and heard about many others)
students who have had their Windows boxes invaded. Yet, not
one Mac person I know has had a problem. (and, several of the
PC users did take precautions, such as anti-virus apps.... and
none of the Mac users are running any anti-virus software as far
as I am aware.) Again, this doesn't mean the Mac user can't have
a problem... just demonstrates how much less likely it currently
is.

It might be good to get more of this in the press though, so
people do their updates and are aware. The Mac will have
problems for sure... it just isn't an every-day occurrence. Maybe
it will be some day, but I rather doubt it. There are so many
ways in which the MacOS is just better setup to avoid the
problems. I'm sure as M$ works on this problem... the attacks
will begin to trim down there as well. The Mac is just starting
from a MUCH better point, both technically and socially. Neither
is impervious, and neither can't be fixed to a reasonable level.
Posted by stevew928--2008 (19 comments )
Reply Link Flag
only the marketing and undereducated said "impervious"
Sure the marketing campain states that none of the ills of Windows exist in osX. It's marketing, I wouldn't expect any product manufacturer to come out with ads stating; "we made it, and it sucks rocks.. please buy one." It would be a remarkably fresh and honest aproach though.

Yes, Cult of Apple have run on at the mouth over how the marketing hype of the previous paragraph proves itself as fact. Which, is of course as blind to reality as stating that Windows is secure and efficient or that your 85$ grandma who can't operate a tv remote could install Linux (Ubuntu is great, but not that great).

Now, that covering the marketeers and blindly brand loyal.

Over in reality, most still realize that Apple makes computers like anyone else and that osX is just another operating system. It happens to be built on a much more evolved and better planned architechture than Windows OnionOS but but still, just software and hardware.

As someone pointed out, it's not that osX had a flaw in it's network stack, it's that it took until now to fix the problem. Maybe it was overly complicated and a team of developers has been loosing sleap for the last six to twelve months.

Unfurtunately, this article (or fortunately for Cnet) will probably cause the usual series of comments. The Windows fans will tell us how Apple had it coming and "see, they suck". The Apple fans will tell us how this is nothing, apple can still do no wrong. The odd person who just discovered Linux and the world of OS outside of Microsoft/Apple will make a statement about how both OS suck because they've just installed some linux distrobution last week and it's the beez knees.
Posted by jabbotts (492 comments )
Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.