Apple Patches Critical Wi-Fi Bugs

The trio of updates patches vulnerabilities in the Mac's AirPort drivers, as well as the API that third-party wireless software calls on.
Apple Computer on Thursday issued three critical security updates to patch wireless drivers in its notebook and desktop lines that if exploited let attackers crash or hijack Macs.

The trio of updates -- labeled "AirPort Update 2006-001" and "Security Update 2006-005" -- patch vulnerabilities in the Mac's AirPort drivers as well as the API that third-party wireless software calls on. Although Apple said it knew of no in-the-wild exploits, an attacker who leveraged the flaws would be able to bring down the Mac or inject his own malicious code. Two of the three patches only affect Mac OS X 10.4 and later.

Danish vulnerability tracker Secunia collectively rated the three as "highly critical," its second-from-the-top threat ranking. Unlike Microsoft, Apple doesn't rank its own security updates.

Two of the three patches affect Intel-based Mac mini, MacBook, and MacBook Pro systems, while the third impacts all other Mac models, including older machines running the PowerPC processor.

More details of the updates can be found on the Apple support site; the updates can be downloaded from here or retrieved using Mac OS X's built-in update mechanism.

Apple last released security fixes two weeks ago, on Sept. 12, when it patched 7 vulnerabilities in the QuickTime media player.

Editor's Choice
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Terry White, Associate Chief Analyst, Omdia
Richard Pallardy, Freelance Writer
Cynthia Harvey, Freelance Journalist, InformationWeek
Pam Baker, Contributing Writer