NEWS
Apple has released a security update to plug a publicly known security hole in its AirPort product.
The update fixes a vulnerability that affects both the server and client versions of Mac OS X, Apple said in its alert. The problem was disclosed in November as part of the Month of Kernel Bugs campaign.
An attacker could exploit the flaw over a wireless network by sending malicious data to a vulnerable Mac, Apple said. "An attacker in local proximity may be able to trigger a system crash by sending a maliciously crafted frame to an affected system," it said in the alert.
The issue affects the Intel Core Duo-based versions of Mac mini, MacBook and MacBook Pro computers equipped with wireless, Apple said. Other systems, including the Core 2 Duo versions of the same machines are not affected, it said.
Apple said it fixed the issue by adding more validation of wireless frames. The AirPort Extreme Update 2007-001 may be obtained from the Software Update feature in Mac OS X or Apple's Software Downloads website.
Vulnerabilities in the Mac OS X have been rising, leading some experts to note that the Macintosh platform is not impervious to security problems. The vast majority of security vulnerabilities, however, affect computers running Microsoft Windows. Also, attacks on Macs so far have largely been theoretical.
Joris Evers writes for CNET News.com
