Apple updates iPhoto 7.1.2 with a security fix

A new security update is available for Mac OS X users running the program that's part of iLife 08.

On Tuesday, Apple issued a security update for iPhoto. The update is for users of Mac OS X v10.4.9 or later running iPhoto '08 (part of iLife 08). It addresses the vulnerability detailed in CVE-2008-0043.

To be vulnerable, Apple says, a user must subscribe to a maliciously crafted photocast. A remote attacker may then execute arbitrary code on the compromised machine. The fix addresses how iPhoto handles format strings when processing photocast subscriptions.

Apple credits Nathan McFeters of Ernst & Young's Advanced Security Center for reporting this vulnerability.


Add Your Comment

Avatar
 

Be the first to comment on this story!


Post comment as


Sponsored Links

Recently Viewed Products