Mac OS X Security Hole Is Published After Apple Fails to Patch

Mac OS X security hole is published after Apple fails to patch – Penetration testing specialists Core Security has publicly released information on security vulnerabilities in Apple Mac OS X, and criticized the computer manufacturer to delay the release of a patch. The vulnerability, which affects only the Apple Mac OS X 10.5, could be vulnerable to hackers to take complete control of the machine through a malicious file in PDF format. advisory, Core Security said that Apple says it has already been prepared for the patch for this problem, but has not released the fix, despite several promises. Apple does not give anything to be skipping the release of the patch.

The Apple service type is subject to memory corruption vulnerability because of a mismatch signal that manipulation of the value of displacement of the final structure CharStrings INDEX. This vulnerability could be exploited by attackers to execute arbitrary code by tricking users of Mac OS X v10. 5.x to view or download a PDF document containing a malicious embedded font CFF (Compact Font Format. This vulnerability is a variant of CVE-labeled 2010-1797 (FreeType iPhone JailbreakMe exploit the variation).

encourages users to switch to Apple Mac OSX 10.6, which is not affected by this vulnerability. Apple has been a slow and security patches. This list maintained by TippingPoint’s ZDI is still a number of high-risk vulnerabilities in Apple software.