http://www.h-online.com/security/icons/security_logo_theH.gif
15 March 2013, 17:49
In the latest Apple update for Mac OS X 10.8, 10.8.3, and Security Update 2013-001 for earlier Mac OS X versions, Apple has fixed a flaw which allowed malicious Java code to be run even when the Java plugin was disabled. The updates fix 21 CVE-listed flaws in Mac OS X, of which 11 are listed as allowing for remote code execution.
The Java fix is listed under "CoreTypes" as it does require the file to have been downloaded onto the system. It turns out that the system will attempt to run files automatically if they are labelled as safe and that the Java Web Start application files, .jnlp, were listed among these safe files. An attacker would need to convince a victim, through social engineering or technical trickery, to download the .jnlp file and, if the browser was set to execute safe files, that code would run. At no time would the Java plugin have been involved, so disabling Java in the browser would not have any effect on the process. Apple's fix involves simply removing .jnlp from the list of safe file types; this means Mac OS X users will still be able to explicitly start Web Start applications.
Other flaws fixed in the updates include an Apache directory traversal bug, an authentication bypass, a TIFF exploit, graphics data memory corruption, information disclosure within the kernel, the ability to launch apps using VoiceOver on the login screen, unprompted Facetime calls and remote rerouting of Jabber calls. PDF annotations could lead to remote execution, as could a bounds error in Quicktime.
http://www.h-online.com/imgs/43/9/9/7/1/9/2/Apple_patch_SEC_120-7a0cdb2dc023a428.png
Full Article
TH
Apple ships fixes for new Java Web Start hole
+56Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.