Apple has released a security update for Mac OS X 10.5 and 10.6 to patch a bug used by security researcher Charlie Miller last month to win the Pwn2Own contest at the CanSecWest security conference.
Apple presents the fix as follows:
An unchecked index issue exists in Apple Type Services’ handling of embedded fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. This issue is addressed through improved index checking. Credit to Charlie Miller working with TippingPoint’s Zero Day Initiative for reporting this issue.
The update is available for Snow Leopard, and for Leopard Client or Server. The Snow Leopard version is a mere 6.5 MB, but the Leopard versions, for the client and server versions of the software are, respectively, 219 and 380 MB. They are available by download from the links just above, or available via Software Update.
