Apple TV Security Patch

Apple TV Security Patch

If you are one of those people who already owns an Apple TV, then you might want to go into your menu and force an update.  The security patch that fixes a buffer overflow issue will not be part of automatic updates at this time.
Description: A buffer overflow vulnerability exists in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) code used to create Port Mappings on home NAT gateways in the Apple TV implementation. By sending a maliciously crafted packet, a remote attacker can trigger the overflow which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation when processing UPnP protocol packets. Credit to Michael Lynn of Juniper Networks for reporting this issue.
While we have probably all experienced some form of "unexpected application termination" at some point, the term "arbitrary code execution" is enough to send chills down the spine of any technophile.
Login or Register to Comment
Post a Comment