April 23, 2014

Apple TV updated with security fixes

(LiveHacking.Com) – Apple has released V5.1 of its Apple TV software to add some new features, like Photo Stream sharing, new screen savers and a way to switch iTunes accounts, as well as to address some security issues.

Apple TV 5.1, which is available for Apple TV 2nd generation devices and later, addresses 21 separate issues some of which could lead to arbitrary code execution.

The first issues resolves a problem with the handling of Sorenson encoded movie files where viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution. The same issue was fixed by Apple in Quicktime 7.7.2 and iOS 6. Apple also fixed problems when viewing a maliciously crafted TIFF files, PNG files and JPEG files.

Multiple vulnerabilities existed in libxml and JavaScriptCore the most serious of which may lead to an unexpected application termination or arbitrary code execution. The result is that an attacker with a privileged network position may cause an unexpected application termination or arbitrary code execution. These issues were fix by using the latest versions of these libraries.

Apple also fixed a problem with how may broadcast MAC addresses of previously accessed networks per the DNAv4 protocol. This issue was addressed by disabling DNAv4 on unencrypted Wi-Fi networks.

To check to see which version of of the OS your device is using , select “Settings -> General -> About”. Most users won’t need to do anything as Apple TV will regularly check for software updates. Alternatively, you may manually check for software updates by selecting “Settings -> General -> Update Software”.

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks