Apple Fixes Wi-Fi Flaw From 2006

Apple Inc. late Thursday patched a critical bug in some Macs that made the computers vulnerable to wireless hijacking.

The vulnerability in Apple's Mac OS X AirPort Extreme driver was made public in late November 2006 as the final entry in the "Month of Kernel Bugs" project run by the anonymous researcher known as "LMH".

"[The] Apple Airport Extreme driver fails to handle certain beacon frames, leading to an out-of-bounds memory access, resulting in a so-called kernel panic," said the advisory on the flaw.

Apple's update affects both the client and server editions of Mac OS X 10.4, aka Tiger, running on Core Duo-equipped Mac mini, MacBook, and MacBook Pro machines. Newer models of the MacBook and MacBook Pro powered by the Core 2 Duo processors are not at risk, the Apple security bulletin read.

Mac owners can retrieve the patch using the operating system's built-in automatic or manual update service, or by downloading the 6.5MB file from the Apple support site.This is the second patch Apple's issued in three days. On Tuesday, the Cupertino, Calif.-based computer and electronics maker fixed a flaw in its QuickTime media player. That vulnerability also had been publicized by LMH, who used it as the first entry in his January "Month of Apple Bugs" campaign.