(LiveHacking.Com) – Apple has released the a new firmware for its TV media box which adds the ability to play purchased iTunes music directly from iCloud along with Bluetooth keyboard support. The update also allows Apple TV users to send media from an Apple TV to AirPlay-enabled speakers and devices (including AirPort Express and other Apple TVs). At the same time as adding new functionality Apple has also closed two serious security holes.
The first vulnerability fixed is a issue which allowed user-mode process to access the first page of kernel memory. Nomrally the kernel has code to check that user-processes are not accessing kernel memory. However The checks were not being used if the length was smaller than one page. This issue was addressed through additional validation of the arguments to copyin and copyout.
The second securuiy flaw could allow a remote attacker on the same WiFi network to to cause an unexpected system termination. An out of bounds read issue exists in Broadcom’s BCM4325 and BCM4329 firmware’s handling of 802.11i information elements. This issue was addressed through additional validation of 802.11i information elements.
To check the version of the firmware on your device, select ”Settings -> General -> About”. Most users won’t need to do anything as Apple TV will regularly check for software updates. Alternatively, you may manually check for software updates by selecting ”Settings -> General -> Update Software”.