Apple has posted
AirPort Extreme Update 2007-001, intended for some Intel-based Macs running Mac OS X v10.4.8.
The update corrects an issues that could cause system crashes on a wireless network caused by malicious intent, according to Apple.
“An out-of-bounds memory read may occur while handling wireless frames. An attacker in local proximity may be able to trigger a system crash by sending a maliciously-crafted frame to an affected system,” reads the security information for the new update.
The problem only affects certain Mac models, according to Apple — specifically, the Core Duo version of the Mac mini, MacBook and MacBook Pro, when using wireless networking.
“Other systems, including the Core 2 Duo versions are not affected. This update addresses the issue by performing additional validation of wireless frames,” said Apple.
Apple credits LMH, one of the people responsible for the “Month of Apple Bugs,” for uncovering this exploit. According to the Common Vulnerabilities and Exposures (CVE) identification used for the problem, however, LMH first uncovered this exploit last November, as part of a “Month of Kernel Bugs” effort.