Apple Fixes Wi-Fi Flaw From 2006

Apple Inc. late Thursday patched a critical bug in some Macs that made the computers vulnerable to wireless hijacking.

The vulnerability in Apple's Mac OS X AirPort Extreme driver was made public in late November 2006 as the final entry in the "Month of Kernel Bugs" project run by the anonymous researcher known as "LMH".

"[The] Apple Airport Extreme driver fails to handle certain beacon frames, leading to an out-of-bounds memory access, resulting in a so-called kernel panic," said the advisory on the flaw.

Apple's update affects both the client and server editions of Mac OS X 10.4, aka Tiger, running on Core Duo-equipped Mac mini, MacBook, and MacBook Pro machines. Newer models of the MacBook and MacBook Pro powered by the Core 2 Duo processors are not at risk, the Apple security bulletin read.

Mac owners can retrieve the patch using the operating system's built-in automatic or manual update service, or by downloading the 6.5MB file from the Apple support site.

This is the second patch Apple's issued in three days. On Tuesday, the Cupertino, Calif.-based computer and electronics maker fixed a flaw in its QuickTime media player. That vulnerability also had been publicized by LMH, who used it as the first entry in his January "Month of Apple Bugs" campaign.