On August 20, Apple released a security update, Apple Remote Desktop 3.6.1, to fix a vulnerability in Apple Remote Desktop. The update is available for Apple Remote Desktop 3.0 or later and fixes an issue that occurs when connecting to a third-party VNC server with “Encrypt all network data” set. Tracked as CVE-2012-0681, the vulnerability allows remote attackers to “obtain cleartext VNC session content by sniffing the network,” an information disclosure: screen contents and keystrokes of a session the user believed was encrypted crossed the wire in the clear.
Apple further described the vulnerability:
When connecting to a third-party VNC server with “Encrypt all network data” set, data is not encrypted and no warning is produced. This issue is addressed by creating an SSH tunnel for the VNC connection in this configuration, and preventing the connection if the SSH tunnel cannot be created. This issue does not affect Apple Remote Desktop 3.5.1 and earlier.
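The practical consequence of the bug is that a session the operator believed was encrypted looks like any other VNC session to a passive observer. The following is an added example, not code from Apple or from the advisory: it classifies the first server-to-client bytes of a captured TCP stream as a cleartext RFB (VNC) handshake or an SSH session, and reports which RFB security types the server offered. Only the TLS (18) and VeNCrypt (19) security types encrypt the session stream; the other types, including VNC Authentication and the Apple Remote Desktop type (30), protect at most the credential exchange. All sample captures below are constructed for the example, not real traffic.

```python
"""Classify the first server->client bytes of a TCP stream as a cleartext
RFB (VNC) handshake, an SSH session, or something else.

Added illustration for this article; not Apple code. Sample captures below
are constructed, not recorded from a real network.
"""
import struct

# RFB security-type numbers (RFC 6143 section 7.1.2 plus commonly used
# registered values). Type 30 is the Apple Remote Desktop authentication type.
SECURITY_TYPES = {
    0: "Invalid", 1: "None", 2: "VNC Authentication", 5: "RA2", 6: "RA2ne",
    16: "Tight", 18: "TLS", 19: "VeNCrypt", 30: "Apple ARD",
}

# Security types that wrap the rest of the session in an encrypted channel.
ENCRYPTING_TYPES = {18, 19}


def parse_rfb_version(banner: bytes):
    """Parse the 12-byte 'RFB xxx.yyy\\n' ProtocolVersion banner.

    Returns (major, minor), or None if the bytes are not an RFB banner.
    """
    if len(banner) < 12 or not banner.startswith(b"RFB ") or banner[11:12] != b"\n":
        return None
    try:
        return int(banner[4:7]), int(banner[8:11])
    except ValueError:
        return None


def parse_security_types(version, payload: bytes):
    """Decode the server's security message that follows the banner.

    RFB 3.7+: u8 count followed by `count` u8 security types (count 0 means
    the server refused and a reason string follows).
    RFB 3.3: a single u32 security type chosen by the server.
    Returns a list of type numbers, or None if the capture is truncated.
    """
    if version >= (3, 7):
        if not payload:
            return None
        count = payload[0]
        types = list(payload[1:1 + count])
        return types if len(types) == count else None
    if len(payload) < 4:
        return None
    return [struct.unpack("!I", payload[:4])[0]]


def classify_stream(server_bytes: bytes) -> dict:
    """Describe what the first server->client bytes of a stream reveal.

    'cleartext_vnc' is True when an RFB handshake is visible and no
    encrypting security type was offered, i.e. framebuffer updates and
    input events will cross the wire unencrypted.
    """
    if server_bytes.startswith(b"SSH-"):
        banner = server_bytes.split(b"\r\n", 1)[0].decode("ascii", "replace")
        return {"kind": "ssh", "banner": banner, "cleartext_vnc": False}
    version = parse_rfb_version(server_bytes[:12])
    if version is None:
        return {"kind": "unknown", "cleartext_vnc": False}
    types = parse_security_types(version, server_bytes[12:])
    names = [SECURITY_TYPES.get(t, f"unregistered({t})") for t in (types or [])]
    # A visible banner already means the handshake is in the clear; only an
    # offered encrypting type changes the verdict for the session data.
    cleartext = not any(t in ENCRYPTING_TYPES for t in (types or []))
    return {"kind": "rfb", "version": version,
            "security_types": names, "cleartext_vnc": cleartext}


# Constructed sample captures (server->client direction only).
CONSTRUCTED_SAMPLES = {
    "vnc_3.8_ard_and_vncauth": b"RFB 003.008\n\x02\x1e\x02",
    "vnc_3.8_vencrypt": b"RFB 003.008\n\x01\x13",
    "vnc_3.3_vncauth": b"RFB 003.003\n\x00\x00\x00\x02",
    "ssh_tunnel": b"SSH-2.0-OpenSSH_6.2\r\n",
    "not_vnc": b"HTTP/1.1 200 OK\r\n",
}

if __name__ == "__main__":
    for name, data in CONSTRUCTED_SAMPLES.items():
        print(f"{name}: {classify_stream(data)}")
```

Run it against the first server-to-client segment of a TCP stream (for example the payload of the first server packet on port 5900 in a capture). A result of `kind == "rfb"` with `cleartext_vnc` True on a connection that the client reports as encrypted is exactly the condition the fix removes; after the update, a correctly configured connection to a third-party server should instead show an `SSH-` banner on the wire.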
Apple Remote Desktop 3.6.1 may be obtained from the Mac App Store, the Software Update pane in System Preferences, or Apple’s Software Downloads page.