Apple releases iPhoto Update 7.1.2

Apple has released iPhoto Update 7.1.2 via Software Update.

This update addresses issues when publishing photos to a .Mac Web Gallery, improves overall stability, and fixes a number of other minor issues.

iPhoto 7.1.2 Security Content:

CVE-ID: CVE-2008-0043

Impact: Subscribing to a maliciously crafted photocast may lead to arbitrary code execution

Description: A format string vulnerability exists in iPhoto. By enticing a user to subscribe to a maliciously crafted photocast, a remote attacker may cause arbitrary code execution. This update addresses the issue through improved handling of format strings when processing photocast subscriptions. Credit to Nathan McFeters of Ernst & Young’s Advanced Security Center for reporting this issue.

For information on the security content of this update, please visit this website:


Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.