Apple recently did an internal audit on its wireless drivers that there's now a Security and AirPort update for Mac OS X. Recall that a month ago, SecureWorks released a statement that the MacBook wireless software driver showed vulnerabilities -- only to retract such statement by saying that they had used a third-party driver and not AppleÂ?s driver.

This apparently prompted Apple to work on an update that strengthens their drivers against potential vulnerabilities. But Anuj Nayar, Apple's spokesman, stressed that they had initiated the internal audit themselves.

If you're an Apple user, you can get the update via the Software Update mechanism in Mac OS X.

The issues on vulnerabilities affected select Apple laptops such as Power Mac, PowerBook, iMac, Mac Pro, Xserve, and PowerPC-based Mac mini computers. The internal audit showed that two separate stack buffer overflows exist in the AirPort wireless driverÂ?s handling of malformed frames.

To exploit the vulnerability, an attacker in local proximity may be able to trigger an overflow by injecting a maliciously crafted frame into a wireless network. When the AirPort is on, this could lead to arbitrary code execution with system privileges. If the heap buffer overflow that existed wasn't tackled, it could have allowed attackers on a wireless network to cause system crashes, privilege elevation or arbitrary code execution.

The Apple MacBook wireless device driver is clear from any weaknesses.

This is what has been proven, contrary to the sensational claim made by two security specialists back at the August Black Hat security conference in Las Vegas. There, they demonstrated how to "hack" an Apple MacBook wirelessly. But as it later on turned out, the demonstrators did not use the native MacBook wireless driver.

While hacker demonstrators David Maynor and John Ellch of SecureWorks did not outright say that the vulnerability was a Mac problem per se, but rather was a weakness with wireless device drivers in general, they did not, however, clarify that they were using a third party wireless device driver in their demonstration. Because of this, it sent alarm bells ringing off, particularly from the upset Apple party.

In response, SecureWorks released a statement through its website, saying that "This video presentation at Black Hat demonstrates vulnerabilities found in wireless device drivers. Although an Apple MacBook was used as the demo platform, it was exploited through a third-party wireless device driver - not the original wireless device driver that ships with the MacBook. As part of a responsible disclosure policy, we are not disclosing the name of the third-party wireless device driver until a patch is available."

So obviously, the demonstrators really had nothing bad to say about the MacBook's native wireless device driver. But then again, they probably thought it would make for a great dramatic effect to bring in the brand of Apple.

While demonstrations such as these may offer benefits in terms of promoting and providing further securities against hacking, it is best for the security experts to stick with real-life scenarios rather than exploiting a particular brand to jump up publicity, without even offering a caveat that the brand is being used for demonstration purposes only, and not to identify it as one of the problems they are discussing. It is not only some form of cheapshot, but it can also prove to be very detrimental not only for the exploited brand's image, but also to the security expert company who may be inviting legal action because of their negligence.