Security Update 2006-005 released: Includes AirPort security refinements -- not intended for all Macs

Apple has released Security Update 2006-005. For the first time, Apple has released a Universal edition of a Security Update, which works on both PowerPC and Intel-based Macs. The company has also issued a PowerPC-only edition.

Note that this update is not intended for all Macs. It will only install on the following iterations (builds) of Mac OS X:

• Mac OS X v10.3.9
• Mac OS X Server v10.3.9
• Mac OS X v10.4.7 Builds 8J135, 8K1079, 8K1106, 8K1123, or 8K1124
• Mac OS X Server v10.4.7 Builds 8J135 or 8K1079

You can check which build of Mac OS X you have by going to the Apple menu, selecting "About this Mac," then click on the Mac OS X version number listed there to reveal the build number. Alternatively, open the Terminal (located in Applications/Utilities) and type the following:

• sw_vers

and press return.

If you have a different build of Mac OS X, try applying AirPort Extreme updater 2006-001.

This update includes the following security fixes:

Attackers on the wireless network may cause arbitrary code execution Two separate stack buffer overflows exist in the AirPort wireless driver's handling of malformed frames. An attacker in local proximity may be able to trigger an overflow by injecting a maliciously-crafted frame into a wireless network. When the AirPort is on, this could lead to arbitrary code execution with system privileges. This issue affects Power Mac, PowerBook, iBook, iMac, Mac Pro, Xserve, and PowerPC-based Mac mini computers equipped with wireless. Intel-based Mac mini, MacBook, and MacBook Pro computers are not affected. There is no known exploit for this issue. This update addresses the issues by performing additional validation of wireless frames.

Attackers on the wireless network may cause system crashes, privilege elevation, or arbitrary code execution A heap buffer overflow exists in the AirPort wireless driver's handling of scan cache updates. An attacker in local proximity may be able to trigger the overflow by injecting a maliciously-crafted frame into the wireless network. This could lead to a system crash, privilege elevation, or arbitrary code execution with system privileges. This issue affects Intel-based Mac mini, MacBook, and MacBook Pro computers equipped with wireless. Power Mac, PowerBook, iBook, iMac, Mac Pro, Xserve, and PowerPC-based Mac mini computers are not affected. This update addresses the issue by performing additional validation of wireless frames. There is no known exploit for this issue. This issue does not affect systems prior to Mac OS X v10.4.

Depending upon third-party wireless software in use, attackers on the wireless network may cause crashes or arbitrary code execution An integer overflow exists in the Airport wireless driver's API for third-party wireless software. This could lead to a buffer overflow in such applications dependent upon API usage. No applications are known to be affected at this time. If an application is affected, then an attacker in local proximity may be able to trigger an overflow by injecting a maliciously-crafted frame into the wireless network. This may cause crashes or lead to arbitrary code execution with the privileges of the user running the application. This issue affects Intel-based Mac mini, MacBook, and MacBook Pro computers equipped with wireless. Power Mac, PowerBook, iBook, iMac, Mac Pro, Xserve, and PowerPC-based Mac mini computers are not affected. This update addresses the issues by performing additional validation of wireless frames. There is no known exploit for this issue. This issue does not affect systems prior to Mac OS X v10.4.

The update is available from the following download links:

• Universal, for Mac OS X 10.4.7 client/server
• PowerPC, for Mac OS X 10.4.7 client/server
• PowerPC, for OS X 10.3.9 client/server

and through Software Update.

Update procedure recommendation First, avoid performing any other operations (in Mac OS X or third-party applications) while the update process is occurring. In addition, before installing this security update, make sure all Apple-installed applications and utilities are in their original locations. Moving one of these applications to a different location on your hard drive can lead to an incomplete update. Also, disconnect any FireWire/USB devices before applying the update (except for your startup drive, if it is FireWire or USB, and your keyboard/mouse), then re-connect the devices one by one (checking for issues created by any particular device) after the update process is complete and the system has restarted.

Problems after applying the update? Please let us know.

Resources