Apple security update patches iChat, disk image flaws

 

Apple Inc. on Thursday issued a security update that stomps out four critical flaws within its Mac OS X operating system, all of which were first revealed last month as part of the "Month of Apple Bugs" project run by independent security analysts.

Specifically, the Cupertino-based company tackled two glitches affecting its iChat video conferencing software.

The first fix targets a vulnerability that left iChat's Bonjour wireless discovery open to an attack that could result in an application crash. Meanwhile, the second patches a format string vulnerability in the software's URL handler that could have allowed attackers to trigger an overflow, which could then lead to an application crash or arbitrary code execution.

Apple said it addressed the issues by performing additional validation of both Bonjour messages and AIM URLs.
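The class of fix described here, validating an untrusted URL and never using it as a format string, can be sketched in C. This is an added example, not Apple's code: the function name, the 512-byte limit, the character policy and the sample URL are all assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define URL_MAX 512 /* assumed upper bound for this example */

enum url_status { URL_OK, URL_TOO_LONG, URL_BAD_SCHEME, URL_BAD_BYTE, URL_TRUNCATED };

/* Hypothetical handler: validate an untrusted aim: URL, then render it
 * into a status line. The URL is only ever data for "%s". */
enum url_status describe_aim_url(char *out, size_t outlen, const char *url)
{
    /* Bounded length check: look for the terminator within URL_MAX + 1 bytes. */
    const char *end = memchr(url, '\0', URL_MAX + 1);
    if (end == NULL)
        return URL_TOO_LONG;
    size_t len = (size_t)(end - url);

    if (len < 4 || strncmp(url, "aim:", 4) != 0)
        return URL_BAD_SCHEME;

    /* Reject control bytes, spaces and non-ASCII. '%' stays legal because
     * URLs use percent-encoding; it is harmless once the URL is not a format. */
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)url[i];
        if (c < 0x21 || c > 0x7e)
            return URL_BAD_BYTE;
    }

    /* The format-string bug pattern would be: snprintf(out, outlen, url);
     * there, conversion specifiers inside the URL are interpreted.
     * A constant format with the URL as an argument avoids that. */
    int n = snprintf(out, outlen, "Opening %s", url);
    if (n < 0 || (size_t)n >= outlen)
        return URL_TRUNCATED; /* caller must not use a cut-off line */
    return URL_OK;
}

int main(void)
{
    char line[64];
    /* Constructed sample input containing format specifiers. */
    const char *sample = "aim:goim?screenname=%n%x%s";
    enum url_status st = describe_aim_url(line, sizeof line, sample);
    printf("status=%d line=%s\n", (int)st, st == URL_OK ? line : "(rejected)");
    return 0;
}
```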

The Mac maker also bandaged a memory corruption vulnerability in the Mac OS X Finder that could be triggered by a disk image containing a volume name longer than 255 bytes. The issue, which could lead to an exploitable denial of service condition and potential arbitrary code execution, was repaired through additional validation checks, the company said.

Of all the bugs targeted by the Apple security update, one that was capable of using the Mac OS X notification process to hijack root access may have posed the greatest danger to users. Apple said the issue was repaired by making the UserNotificationCenter software process drop its group privileges immediately after launching.

All four fixes are available as part of Security Update 2007-002, which was made available for Intel-based Macs running Mac OS X 10.4.8 [6.6MB], PowerPC-based Macs running Mac OS X 10.4.8 Client or Server [3.8MB], and Macs running Mac OS X 10.3.9 [1.4MB].