Apple has rolled out a security update to correct nine potentially serious vulnerabilities in the Mac OS X operating system.
The update, which carries a “highly critical” rating from Secunia, comes with a modification to Apple Computer Inc.s Safari browser to provide protection against an IDN (International Domain Names) URL-spoofing vulnerability.
The IDN bug allows maliciously registered international domains to make URLs visually appear as legitimate sites. The issue affects multiple Web browsers and workarounds from Mozilla and Opera have already been released.
According to an advisory from Apple, Safari has been tweaked so that it consults a user-customizable list of scripts that are allowed to be displayed natively.
“Characters based on scripts that are not in the allowed list are displayed in their Punycode equivalent,” the company explained.
Apple said the default list of allowed scripts does not include Roman look-alike scripts.
The companys monthly patch also corrects two vulnerabilities in the AFP (Apple Filing Protocol) Server.
The first was described as a denial-of-service issue which can be exploited to terminate the operation of the AFP Server due to an incorrect memory reference.
A separate patch fixes the checking of file permissions for access to Drop Boxes to protect against the contents being discovered by malicious attackers.
The update also resolves:
- An error in Bluetooth Setup Assistant that can be exploited to bypass security restrictions when using a Bluetooth input device.
- A boundary error in the Core Foundation library when handling the CF_CHARSET_PATH environment variables, which can cause buffer overflows to allow malicious local users to execute arbitrary code with escalated privileges.
- Multiple vulnerabilities in the Cyrus IMAP Server that can be exploited by malicious people to compromise a vulnerable system.
- Several flaws in Cyrus SASL that can be exploited to crash or potentially compromise applications linked against the library.
- Insecure permissions on various directories that may result in race conditions and allow local privilege escalation.
- A security hole in Mailman that can be exploited by malicious people to disclose sensitive information.
Apple has posted download locations (Client and Server) on its support Web site.