Apple have released a security update today that addresses four of the bugs released in the Month of Apple Bugs from January. The fixes address two iChat bugs, one Finder bug and finally on in User Notification. 

The patch address bugs that had been released as part of the recent MoAB project and each one had proof of concept code released in the advisory as part of the project.

The two iChat bugs addressed are MOAB-20-01-2007 and MOAB-29-01-2007, one of these can cause iChat to crash and the other could allow remote code execution. The finder bug is MOAB-09-01-2007, which relates to a specially crafted Disk Image that could be used to crash finder or perform code execution. The UserNotification bug is MOAB-22-01-2007 and can be exploited to perform privilege escalation.

You can find out more about the patch from Apple here in their advisory. We recommend that those out there who are Apple users fire up Software Update and get the patch installed.

Add this page to your favorite Social Bookmarking websites