Ranjivost programskog paketa Boot Camp

Detalji os-a: MAC
Važnost: IMP
Operativni sustavi: M
Kategorije: APL

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

APPLE-SA-2014-02-11-1 Boot Camp 5.1

Boot Camp 5.1 is now available and addresses the following:

Boot Camp
Available for: Macs running Boot Camp 5
Impact: Loading a malformed executable file may cause memory
corruption in the kernel
Description: A bounds checking issue existed in the AppleMNT.sys
driver’s parsing of Portable Executable files. If a Portable
Executable file with a malformed header is loaded, this could cause a
Boot Camp driver to corrupt kernel memory. The issue was addressed
through improved bounds checking.
CVE-ID
CVE-2014-1253 : MJ0011 of 360 Security Center

Boot Camp 5.1 may be obtained via Apple Software Update or from:
http://support.apple.com/downloads/

Depending on your Mac model, the downloading file name is one of
the following two:

The download file name: BootCamp5.1.5621.zip
Its SHA-1 digest: 72c71be259474836c17ddd400aca2218660b8aac

The download file name: BootCamp5.1.5640.zip
Its SHA-1 digest: 2998a7881509a87b22abc6764379c0a33b6ced3a

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple’s Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

—–BEGIN PGP SIGNATURE—–
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools – http://gpgtools.org

iQIcBAEBAgAGBQJS+rIpAAoJEPefwLHPlZEwM0gQAJ5Ffh3VoQKk/psQJN6ABJar
SbijQfk9eILkiO/XDMwrLKmj0183VS1N+xGzLaZqC0wDjwwwUHOJHUGK02+rRPCf
pI2NkZeaRJtGeSfC1LjDHbBhToJLY3JbGU8+NiZrWiFwcJMhyHvgcjWQwOvN2X9R
jNiHvo5kTBXboaCwBU9NRvWXDmWbCeWPCsAr0WYOsyCMT4fms/2NtygjiregAGBO
BL1kDf2BiF+1lcfGD/cQgOyYPrvOhBtIp6//5UhksFY2h90lHu7Dm6FTUKlUyTzh
qKVSro4FL87OA2opuPwAOsbX/96XZEgHlHs2mOy2dGkDCZ2LF6KjWARanSIixBFV
2ARsj6ck+O9S+8KBVGEFBPPKN0fNZ7Irhivv/rR+w1AZLMsbLvdGdm4CarrMEogX
daPXwiWnMNsWadMVMIeHpjdYprVw/vfIDCqBXwZfLnDeHxtHgMxyNx0uuXrBPDWu
HjrB8Uo0/MSp55QyOSY4DLhQWVTC9mNc5CKcMmnmOQtH4niGyXc+D7k2pa7dKHPY
NLggsaiNOKiTjUpcgGEOz191Q7vVDGpGCuV81C9k+AYMWToXnffGXYO62zk0NeIH
7sZ9feNCTZHLlFDF0v9KnnyXFLMTcgT0WXtw1RAcBY7UebcaBSS1ljyw45qGo+bA
3J/op5VbemkYblZScFvu
=Dlmy
—–END PGP SIGNATURE—–

—–BEGIN PGP SIGNATURE—–
Comment: GPGTools – http://gpgtools.org

iQIcBAEBAgAGBQJS+8CvAAoJEPefwLHPlZEw2S4P/RN+VLF+jCz6K9FX5unHbxs4
nOKgPx+X6Nmw++ASUoe4g+z9fBMi+urjY3sC/pHDGCdo5KdxkdZLBdEMVWEyREhN
UIWSoEm3zvlwaOR9QMRqf/eyGvOBPhejj1Th9iG+xRbmccKC39KEKSjxn9LbO5oQ
K7RmiNns4JRYAqgFncFTkGfwIY5u2VcQnfKM/7ZvNHtRYx5B/ES34nZKuW1ZXyyE
cr4dPxKpzYG6N1tIf0tgS3362iAaCYOgKewWQfCaOeazr6qrlDfSnDwhRjM5kxlU
Cdq5dN2U+/oW009SCTt/9ilno+4oMwf37y+ozqobhG4pl8CibSKUqijw/Rxc/lRg
wdmSECzkcA7XQuzbsGbxrxSkiMOEqJWkAJc5fozQHr2YwXkK2L5uQCoIUIpmNQhv
Wf/QsSWGgHugbi1C8EyUktwg8jzhQp1AFBVAAWLXCvwMiqEMedn6e80K+96U2we5
SK3OMdZXpYbu8/BIfcnA0Lbr/xDplJIkrsM4Ve1Pnjk9OF7KMu75q2W1W59jShQ2
CS7GO/+xZlc401jM/08bfNBNQcmKd+7nl7wvUmmU9zMKF233lLMxUoJLFFCs9nAl
nnYneHCJG1FmidRT7mFz4s9uMGgjO5cSsbWUP4+iZRSpOmQzcRqeRcDBdNQwveuh
EUed/2NPZcthSRoYMGuM
=DtuZ
—–END PGP SIGNATURE—–
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (Security-announce@lists.apple.com)

Autor	Tomislav Protega
Cert id	NCERT-REF-2014-02-0024-ADV
Cve	CVE-2014-1253
ID izvornika	APPLE-SA-2014-02-11-1
Proizvod	Boot Camp
Izvor	http://www.apple.com

Ranjivost programskog paketa Boot Camp

Archives

More in Preporuke

Sigurnosni propust programskog paketa lxc