Old 02-06-2007, 06:13 PM
Derek Currie
Newsgroup Contributor
 
Posts: n/a
Mac Security: Weekly Summary 2006-06-29

This has been a very busy week for Mac security:

1) Apple released Mac OS X 10.4.7 on Tuesday 2006-06-27. It includes
five security patches:
A) AFP server: Search results may have disclosed file and folder
names to unauthorized users.
B) ClamAV: Updated to v0.88.2. If virus scanning was set to update
automatically, a malicious or spoofed database mirror could trigger a
buffer overflow and execute arbitrary code with ClamAV privileges.
C) ImageIO: Now performs additional TIFF image validation.
Maliciously crafted TIFF images could have triggered a buffer overflow,
either crashing the app or executing arbitrary code.
D) launchd: Now performs additional logging messages validation.
Stops an authenticated local user from executing arbitrary code with
system privileges.
E) OpenLDAP: Now discards invalid LDAP requests which previously
could be used by a remote attacker to crash Open Directory server,
resulting in a denial-of-service.

Visit Apple's support site for more details:
<http://docs.info.apple.com/article.html?artnum=61798>

*URGENT* The first release of the INTEL Mac 10.4.6 to 10.4.7 update was
INCOMPLETE:
-> Several files related to OpenGL performance were missing.
-> ONLY this one updater was affected. All other 10.4.7 updaters are
unaffected.
-> This error does NOT affect the security of improperly updated
systems.

ADVICE: For INTEL Macs, run the revised updater, released Thursday
2006-06-29, to complete the update to 10.4.7.
- The new package is named: MacOSXUpd10.4.7Intel.dmg.
- Its SHA-1 digest is: 10aa57dfccd63accb0939a894cea202a8910fb45
- Check the creation date of the updater image if you are unsure
which version you have.


2) Apple released iTunes v6.0.5 on 2006-06-29 for Mac OS X 10.2.8 or
later, as well as Windows XP/2000. It includes one security patch:
A) AAC file parsing code: Now has improved validation checks when
loading AAC files. A maliciously crafted AAC file could trigger an
integer overflow causing iTunes to terminate, a denial of service, or to
execute arbitrary code.

Visit Apple's support site for more details:
<http://docs.info.apple.com/article.html?artnum=61798>

-------------

Let's take a break for my security tip of the week:
McAfee have a useful page of 13 ways to protect your system. The list
goes a bit beyond suggestions from Apple and is well worth reading:
<http://www.mcafee.com/us/threat_center/tips.html>

I don't consider the McAfee list to be in order of priority. If it were,
I would put "Back up your files frequently" at the top. On the most
excellent 'Security Now!' podcast with Steve Gibson and Leo Laporte I
heard that only about 20% of computer users back up their data. Yikes!
Note that the other 80% WILL lose data as a result of a hard drive
crash. The grisly death of every hard drive is inevitable.

-------------

Time to visit a few anti-malware sites to see what's been cooking:

1) Sophos:



2) McAfee:



3) Secunia:

This week there were 13 new Windows related vulnerabilities published by
Secunia.

There were zero new Mac OS X related vulnerabilities reported by
Secunia. But take note of the six vulnerability fixes reported by Apple.

This week Secunia collected another 253 virus descriptions. None were
for Mac OS X, and none were higher than 'MEDIUM' in risk.

* Remember: If you run Windows on your Mac via any method, and you
connect that system to the Internet, it is critical that you have
anti-virus and anti-spyware software installed and running full time.
Ideally you should have an active firewall as well. Use the one in
Windows XP, obtain another, or you can use your router if you have one
connected to your Mac.

Below, as ever, are sections 2-4 of the Secunia Weekly Advisory Summary.
Visit the Secunia site for vulnerability details and to sign up for
their weekly report.

Secunia Online Vulnerability Database:
http://secunia.com/

========================================================================
2) This Week in Brief:

Plebo Aesdi Nael has discovered two vulnerabilities in Internet
Explorer, which can be exploited by malicious people to disclose
potentially sensitive information and potentially compromise a user's
system.

Secunia has constructed a test for one of the issues, which is
available at:
http://secunia.com/internet_explorer..._vulnerability_test/

Additional details can be found in the referenced Secunia advisory.

Reference:
http://secunia.com/SA20825

--

VigilantMinds has reported a vulnerability in the Opera browser, which
potentially can be exploited by malicious people to compromise a
user's system.

Additionally, a weakness has also been reported, which can be
exploited to display the SSL certificate from a trusted site on an
untrusted site.

Further details are available in the referenced Secunia advisories.

References:
http://secunia.com/SA20787
http://secunia.com/SA19480

--

Two vulnerabilities have been reported in various F-Secure Antivirus
products, which can be exploited by malware to bypass the scanning
functionality.

The vendor has released patches, which correct these vulnerabilities.
Please refer to the referenced Secunia advisory for additional details.

Reference:
http://secunia.com/SA20858

--

VIRUS ALERTS:

During the past week Secunia collected 253 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

========================================================================
3) This Week's Top Ten Most Read Advisories:

1. [SA20748] Microsoft Windows Hyperlink Object Library Buffer
Overflow
2. [SA20722] WinAmp MIDI File Handling Buffer Overflow Vulnerability
3. [SA20686] Microsoft Excel Repair Mode Code Execution Vulnerability
4. [SA20787] Opera JPEG Processing Integer Overflow Vulnerability
5. [SA20825] Internet Explorer Information Disclosure and HTA
Application Execution
6. [SA20153] Microsoft Word Malformed Object Pointer Vulnerability
7. [SA20773] Yahoo! Messenger Denial of Service Weakness
8. [SA20789] Cisco CallManager RealVNC Password Authentication Bypass
9. [SA20723] IBM HMC Sendmail and OpenSSH Vulnerabilities
10. [SA20783] GnuPG "parse-packet.c" Denial of Service Vulnerability

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA20862] Nokia PC Suite CDDBControl ActiveX Control Buffer Overflow
[SA20861] Gracenote CDDBControl ActiveX Control Buffer Overflow
[SA20789] Cisco CallManager RealVNC Password Authentication Bypass
[SA20858] F-Secure Antivirus Products Scanning Bypass Vulnerability
[SA20855] Lotus Domino Malformed vCal Processing Denial of Service
[SA20851] Icculus.org Quake3 Engine Two Vulnerabilities
[SA20790] MailEnable SMTP Service HELO Denial of Service
[SA20777] Webmin Directory Traversal Vulnerability
[SA20825] Internet Explorer Information Disclosure and HTA Application
Execution
[SA20856] CA Products Scan Job Description Format String Vulnerability
[SA20816] Cisco Secure ACS Session Management Security Issue
[SA20794] Trend Micro Control Manager "Username" Script Insertion
[SA20830] Lanap BotDetect ASP.NET CAPTCHA Bypass Weakness

UNIX/Linux:
[SA20879] Mandriva update for mutt
[SA20866] Mandriva update for tetex
[SA20854] Gentoo update for mutt
[SA20850] Gentoo update for tikiwiki
[SA20846] Gentoo update for hashcash
[SA20844] Gentoo update for wv2
[SA20837] Gentoo update for emech
[SA20836] Ubuntu update for mutt
[SA20831] rPath update for kernel
[SA20829] Mandriva update for gnupg
[SA20828] Mandriva update for xine-lib
[SA20826] Mandriva update for wv2
[SA20824] Mandriva update for libwmf
[SA20811] Slackware update for gnupg
[SA20810] Mutt IMAP Namespace Buffer Overflow Vulnerability
[SA20805] EnergyMech "parse_notice" Denial of Service Vulnerability
[SA20801] Ubuntu update for gnupg
[SA20800] Hashcash "array_push" Buffer Overflow Vulnerability
[SA20792] Debian update for courier
[SA20791] SUSE update for freetype2
[SA20783] GnuPG "parse-packet.c" Denial of Service Vulnerability
[SA20782] SGI Advanced Linux Environment Multiple Updates
[SA20853] Mandriva update for gd
[SA20849] Gentoo update for horde
[SA20848] Ubuntu update for OpenLDAP
[SA20840] cPanel "file" Parameter Cross-Site Scripting Vulnerability
[SA20788] phpQLAdmin "domain" Cross-Site Scripting Vulnerability
[SA20871] Ubuntu update for mysql-server
[SA20832] Mandriva update for MySQL
[SA20869] Slackware update for kdebase
[SA20868] Slackware update for arts
[SA20827] Mandriva update for arts
[SA20786] Gentoo update for aRts
[SA20785] Gentoo update for kdebase / KDM
[SA20834] Debian update for pinball
[SA20818] PHP "error_log()" Safe Mode Bypass Weakness
[SA20809] HP-UX Kernel Denial of Service Vulnerability
[SA20778] Emilia Pinball Compiled Plugins Loading Vulnerability

Other:
[SA20860] Cisco Wireless Access Point Web Management Vulnerability

Cross Platform:
[SA20823] Mambo MOD_CBSMS Module File Inclusion Vulnerability
[SA20819] Mambo Pearl For Mambo Module File Inclusion Vulnerabilities
[SA20815] phpBB THoRCMS Add-On "phpbb_root_path" File Inclusion
[SA20814] Bee-hive Lite Multiple File Inclusion Vulnerabilities
[SA20812] PrivateWire Registration Functionality Buffer Overflow
[SA20787] Opera JPEG Processing Integer Overflow Vulnerability
[SA20784] Helix DNA Server Heap Corruption Vulnerabilities
[SA20779] W-Agora Multiple File Inclusion Vulnerabilities
[SA20857] Scout Portal Toolkit "forumid" Parameter SQL Injection
[SA20847] MF Piadas "page" Parameter File Inclusion Vulnerability
[SA20842] Jaws Cross-Site Scripting and SQL Injection
[SA20839] Custom dating biz dating script Multiple Vulnerabilities
[SA20838] Anthill SQL Injection Vulnerabilities
[SA20813] DeluxeBB Cross-Site Scripting and SQL Injection
[SA20806] ICT "post" Parameter SQL Injection Vulnerability
[SA20802] Softbiz Dating Script SQL Injection Vulnerabilities
[SA20796] Open Guestbook Cross-Site Scripting and SQL Injection
[SA20795] MyBB "showcodebuttons" SQL Injection Vulnerability
[SA20793] IBM WebSphere Application Server Two Vulnerabilities
[SA20780] YaBB SE "user" SQL Injection Vulnerability
[SA20872] Metalhead Usenet Script "group" Cross-Site Scripting
[SA20863] Hostflow Help Desk Script Insertion Vulnerability
[SA20843] Phorum Cross-Site Scripting Vulnerability
[SA20841] SiteBar "command" Cross-Site Scripting Vulnerability
[SA20835] Sun Java System Application Server Cross-Site Scripting
[SA20833] Dating Agent PRO Cross-Site Scripting and Information
Exposure
[SA20822] dotProject "login" Parameter Cross-Site Scripting
Vulnerability
[SA20821] Namo DeepSearch "p" Parameter Cross-Site Scripting
[SA20820] aeDating Multiple Cross-Site Scripting Vulnerabilities
[SA20817] Claroline Unspecified Cross-Site Scripting Vulnerability
[SA20808] Qdig Cross-Site Scripting Vulnerabilities
[SA20804] UebiMiau Cross-Site Scripting Vulnerabilities
[SA20803] mvnForum "activatemember" Cross-Site Scripting
[SA20798] H-Sphere Multiple Cross-Site Scripting Vulnerabilities
[SA20797] XennoBB "tid" Cross-Site Scripting Vulnerability
[SA20781] GL-SH Deaf Forum show.php Cross-Site Scripting

========================================================================

--
Fortune Magazine, 11-29-05: What's your computer setup today?
Frederick Brooks: I happily use a Macintosh. It's not been equalled for ease
of use, and I want my computer to be a tool, not a challenge.
<http://money.cnn.com/magazines/fortune/fortune_archive/2005/12/12/8363107/>
[Frederick Brooks is the author of 'The Mythical Man Month'. He spearheaded
the movement to modernize computer software engineering in 1975]