US-CERT Reports HTTP Vulnerability, Macs Safe

The United States Computer Emergency Readiness Team is reporting that an HTTP vulnerability involving Unicode characters could leave computers and network equipment vulnerable to remote attacks. The report also stated that properly updated Mac systems are safe from attack.

The vulnerability takes advantage of HTTP content scanning systems that donit properly scan full-width/half-width Unicode encoded HTTP traffic. An attacker that sends properly designed HTTP traffic to a vulnerable content scanning system could potentially bypass the scanning system and gain remote access to the network device or computer.

The US-CERT advisory states that Apple systems are not vulnerable to the attack, nor are certain products from Hewlett-Packard, Impervia, Force10 Networks, and Sourcefire. Products from 3com, Cisco, EMC, Internet Security Systems, Snort, and TippingPoint Technologies are listed as vulnerable. Microsoft is still in the unknown category.

To ensure that your Mac is safe from this potential exploit, make sure that you are using Mac OS X 10.3.9 or Mac OS X 10.4.9 and have the latest security updates installed. To verify your operating system and security patches are up to date, do this:

  • Choose Apple menu > Software Update to launch the Software Update application.

  • Look for Software Update in the Apple menu.
  • Software Update will automatically check for any available updates for Mac OS X and Apple-branded applications.

  • Software Update checks for Mac OS X updates.
  • If your updates are current, you will see a dialog stating that your software is up to date. Click the OK button to quit Software Update.

  • This means Mac OS X is up to date.
  • If you see a list of updates, click the Install button. You may also have to provide your administrator password and restart after the updates are complete.