Apple has finally patched, and revealed the details of, the vulnerability behind the exploit that Charlie Miller used at Pwn2Own 2010 to gain access to a MacBook running Snow Leopard. Users can download Security Update 2010-003 through Software Update or from Apple Support Downloads. The details of the patch are as follows:
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.3, Mac OS X Server v10.6.3
Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.
Description: An unchecked index issue exists in Apple Type Services' handling of embedded fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. This issue is addressed through improved index checking. Credit to Charlie Miller working with TippingPoint's Zero Day Initiative for reporting this issue.
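Apple's advisory names the bug class (an index taken from the font file and used without checking it against the table size) and the fix (checking the index). The following is an added illustration of that class and its fix in C; it is constructed for this page and is not Apple Type Services code. The toy font layout, the MAX_GLYPHS limit and every function name are assumptions, and the two sample blobs are constructed inputs, one well-formed and one with a glyph index past the end of the table.

```c
/* Added illustration of an "unchecked index" bug in a font-table parser
 * and its bounds-checked fix. Constructed example, not Apple's code; the
 * toy format and all names below are assumptions. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Toy embedded-font layout (assumed for this example, big-endian fields):
 *   [0..1]  uint16 glyph_count (N)
 *   [2..3]  uint16 map_count   (M)
 *   then N  uint16 glyph advance widths
 *   then M  pairs of (uint16 char code, uint16 glyph index)
 */
#define MAX_GLYPHS 64

typedef struct {
    uint16_t glyph_count;
    uint16_t widths[MAX_GLYPHS];
    uint16_t map_count;
    uint16_t map_code[MAX_GLYPHS];
    uint16_t map_glyph[MAX_GLYPHS];
} toy_font;

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Parse the blob into fixed-size tables. Returns 0 on success, -1 if the
 * header counts exceed the tables or the blob is shorter than they claim. */
int toy_font_parse(const uint8_t *buf, size_t len, toy_font *f) {
    if (len < 4) return -1;
    uint16_t n = rd16(buf), m = rd16(buf + 2);
    if (n > MAX_GLYPHS || m > MAX_GLYPHS) return -1;
    size_t need = 4 + (size_t)n * 2 + (size_t)m * 4;
    if (len < need) return -1;
    f->glyph_count = n;
    f->map_count = m;
    const uint8_t *p = buf + 4;
    for (uint16_t i = 0; i < n; i++, p += 2) f->widths[i] = rd16(p);
    for (uint16_t i = 0; i < m; i++, p += 4) {
        f->map_code[i] = rd16(p);
        f->map_glyph[i] = rd16(p + 2);
    }
    return 0;
}

/* The bug class: the glyph index stored in the file is trusted and used
 * directly as an array index, so a crafted font can steer the read (or a
 * write, in a writable table) far outside widths[]. Deliberately unsafe;
 * kept for comparison and never called below. */
int width_for_code_unchecked(const toy_font *f, uint16_t code) {
    for (uint16_t i = 0; i < f->map_count; i++)
        if (f->map_code[i] == code)
            return f->widths[f->map_glyph[i]];   /* no check against glyph_count */
    return -1;
}

/* The fix: validate the file-supplied index against the table size first. */
int width_for_code_checked(const toy_font *f, uint16_t code) {
    for (uint16_t i = 0; i < f->map_count; i++) {
        if (f->map_code[i] != code) continue;
        uint16_t g = f->map_glyph[i];
        if (g >= f->glyph_count) return -2;      /* reject the out-of-range index */
        return f->widths[g];
    }
    return -1;                                   /* code not mapped */
}

/* Constructed inputs: 2 glyphs (widths 0x0100, 0x0123), one mapping for 'A'.
 * The crafted blob is identical except that 'A' maps to glyph 0xFFFF. */
static const uint8_t BENIGN_FONT[]  = {0x00,0x02, 0x00,0x01, 0x01,0x00, 0x01,0x23, 0x00,0x41, 0x00,0x01};
static const uint8_t CRAFTED_FONT[] = {0x00,0x02, 0x00,0x01, 0x01,0x00, 0x01,0x23, 0x00,0x41, 0xFF,0xFF};

/* Parse a blob and look up the width for 'A' through the checked path.
 * Returns the width, -2 for a rejected index, -3 if parsing failed. */
int demo_lookup(const uint8_t *blob, size_t len) {
    toy_font f;
    memset(&f, 0, sizeof f);
    if (toy_font_parse(blob, len, &f) != 0) return -3;
    return width_for_code_checked(&f, 0x41);
}

int demo_benign(void)    { return demo_lookup(BENIGN_FONT, sizeof BENIGN_FONT); }
int demo_crafted(void)   { return demo_lookup(CRAFTED_FONT, sizeof CRAFTED_FONT); }
int demo_truncated(void) { return demo_lookup(BENIGN_FONT, sizeof BENIGN_FONT - 2); }

int main(void) {
    printf("benign font, width of 'A': %d\n", demo_benign());
    printf("crafted font: %d (index rejected)\n", demo_crafted());
    printf("truncated font: %d (parse failed)\n", demo_truncated());
    return 0;
}
```

The checked lookup is the only one main() exercises; the unchecked variant exists to show the shape of the bug, and calling it on the crafted blob is exactly the out-of-bounds read the advisory describes. Note that the length check in the parser matters as much as the index check: a file whose header promises more entries than the buffer holds is the same class of problem one layer up.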
In addition to the security update, Apple has also released a handful of updates this week for various Mac hardware and software:
27-inch iMac EFI FW Update 1.0 - This update is recommended for all 27-inch iMacs with quad-core Intel Core i5 or Core i7 processors.
27-inch iMac SMC Firmware Update 1.0 - This update fixes Target Display Mode compatibility issues on 27-inch iMac computers.
MacBook Pro Software Update 1.3 - This update is recommended for all 15-inch and 17-inch MacBook Pro mid 2010 models and contains improvements for graphics stability for high-performance video and gaming applications as well as various bug fixes.
MobileMe Backup v3.2 - Backup 3.2 is recommended for all users of Backup 3. This update improves the reliability of backup restore and uses space more efficiently on your iDisk or local storage (e.g. external hard drive or DVD).
Mac OS X v10.6.3 v1.1 Update (Combo) - The 10.6.3 v1.1 Update is recommended for all users running Mac OS X Snow Leopard and includes general operating system fixes that enhance the stability, compatibility, and security of your Mac.
Mac OS X Server 10.6.3 v1.1 Update (Combo) - The 10.6.3 v1.1 update is recommended for all servers currently running Snow Leopard Server version 10.6 and includes general operating system fixes that enhance the stability, compatibility and security of your server.
Server Admin Tools 10.6.3 - The Server Admin Tools update is recommended for remote administration of Snow Leopard Server.
Note: The 10.6.3 v1.1 Update is only for users who updated directly from a base 10.6 system to 10.6.3 with a combo update. Users who updated to 10.6.3 from 10.6.1 or 10.6.2 are not required to install it.