A security mailing list has alerted users of Apple Computer's OS X to a program that could let an attacker piggyback malicious code on downloads from the company's SoftwareUpdate service.
According to the BugTraq mailing list, a hacker named Russell Harding has posted full instructions online for fooling Apple's SoftwareUpdate feature into letting an attacker install a backdoor on any Mac running OS X.
The exploit takes advantage of SoftwareUpdate, Apple's software updating mechanism in OS X, which checks weekly for new updates from the company. According to Harding, who claims to have discovered the exploit, the feature downloads updates over the Web with no authentication and installs them on the system. So far, no patch is available for this problem.
Harding stressed that the exploit is a simple one, relying on several well-known techniques, including domain-name service (DNS) spoofing and DNS cache poisoning.
News source: ZDNet
When SoftwareUpdate runs normally, the user's computer connects via plain HTTP to an Apple.com page and sends a simple request for an XML document containing the latest inventory of OS X software. The Apple.com site returns the document, which the computer then cross-checks against what it has installed.
After the check, OS X sends the list of software that needs updating to another page on Apple.com. If an update is available, the SoftwareUpdate server responds with the location of the software, its size, and a brief description. If not, the server returns an otherwise blank page carrying the message "No Updates." Because nothing in this exchange is authenticated, a client that has been pointed at the wrong host by DNS spoofing has no way to tell the attacker's answers from Apple's.
On his Web site, Harding provides two programs that he says have been customized for carrying out such an attack. One program listens for the victim's DNS queries for the update host and, when it sees them, replies with spoofed responses that redirect the client to the attacker's computer.
The second program, which is downloaded onto the victim's Mac while masquerading as a security update, contains a copy of Secure Shell, the encrypted remote-login program, which serves as the backdoor.
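To make the weakness concrete, the following is an added example written for this page; it is not code from the article, from Harding's tools, or from Apple. It models the flow described above with a made-up XML inventory (the element names, the hostnames, the 203.0.113.7 attacker address, and the version numbers are all constructed assumptions, not Apple's real SoftwareUpdate format) and shows two clients: an unauthenticated one that swallows whatever the spoofed host returns, and a hardened one that pins the vendor's Ed25519 public key and rejects any catalog whose signature does not verify. The key pair is generated at run time purely for the demonstration; a real client would ship with the vendor's public key built in.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/xml"
	"fmt"
)

// Catalog is a hypothetical inventory; element names are invented for this example.
type Catalog struct {
	Packages []Package `xml:"package"`
}

// Package carries what the article says the server returns for an available update.
type Package struct {
	Name        string `xml:"name,attr"`
	Version     int    `xml:"version,attr"`
	Location    string `xml:"location"`
	Size        int    `xml:"size"`
	Description string `xml:"description"`
}

// genuineCatalog is a constructed sample of what the vendor would serve.
const genuineCatalog = `<catalog>
<package name="CoreTools" version="3"><location>http://updates.example.com/CoreTools-3.pkg</location><size>1048576</size><description>CoreTools 3.0</description></package>
</catalog>`

// spoofedCatalog is what an attacker who has poisoned DNS for the update host can
// serve instead: same shape, plus a bogus "security update" hosted on 203.0.113.7.
const spoofedCatalog = `<catalog>
<package name="CoreTools" version="3"><location>http://updates.example.com/CoreTools-3.pkg</location><size>1048576</size><description>CoreTools 3.0</description></package>
<package name="SecurityUpdate" version="1"><location>http://203.0.113.7/SecurityUpdate.pkg</location><size>204800</size><description>Important security update</description></package>
</catalog>`

// ParseCatalog decodes the XML inventory the client requested over HTTP.
func ParseCatalog(body []byte) (Catalog, error) {
	var c Catalog
	if err := xml.Unmarshal(body, &c); err != nil {
		return Catalog{}, err
	}
	return c, nil
}

// Pending cross-checks the catalog against the installed inventory; a package the
// client has never heard of counts as version 0, so anything the server adds is "needed".
func Pending(c Catalog, installed map[string]int) []Package {
	var out []Package
	for _, p := range c.Packages {
		if p.Version > installed[p.Name] {
			out = append(out, p)
		}
	}
	return out
}

// UnauthenticatedCheck models the weak flow: whatever the (spoofable) host returns is trusted.
func UnauthenticatedCheck(body []byte, installed map[string]int) ([]Package, error) {
	c, err := ParseCatalog(body)
	if err != nil {
		return nil, err
	}
	return Pending(c, installed), nil
}

// SignCatalog is the vendor-side step: sign the exact bytes that will be served.
func SignCatalog(priv ed25519.PrivateKey, body []byte) []byte {
	return ed25519.Sign(priv, body)
}

// AuthenticatedCheck is the hardened flow: the client pins the vendor's public key and
// refuses any catalog whose signature fails, so redirecting the hostname alone gains nothing.
func AuthenticatedCheck(pub ed25519.PublicKey, body, sig []byte, installed map[string]int) ([]Package, error) {
	if !ed25519.Verify(pub, body, sig) {
		return nil, fmt.Errorf("catalog signature invalid: refusing to update")
	}
	return UnauthenticatedCheck(body, installed)
}

// DemoKeys makes a throwaway vendor key pair; a real client ships with the public key pinned.
func DemoKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // crypto/rand failure is fatal in practice
	return pub, priv
}

func main() {
	installed := map[string]int{"CoreTools": 2}
	weak, _ := UnauthenticatedCheck([]byte(spoofedCatalog), installed)
	for _, p := range weak {
		fmt.Printf("weak client would fetch %s from %s\n", p.Name, p.Location)
	}
	pub, priv := DemoKeys()
	sig := SignCatalog(priv, []byte(genuineCatalog))
	if _, err := AuthenticatedCheck(pub, []byte(spoofedCatalog), sig, installed); err != nil {
		fmt.Println("hardened client:", err)
	}
	ok, _ := AuthenticatedCheck(pub, []byte(genuineCatalog), sig, installed)
	fmt.Printf("hardened client accepts %d genuine update(s)\n", len(ok))
}
```

Run with `go run .`: the weak client queues both packages, including the attacker-hosted "SecurityUpdate", while the hardened client rejects the spoofed catalog and accepts only the signed genuine one. The point of the design is that the signature is checked over the catalog bytes before the version cross-check ever runs, so the attacker's DNS redirect never reaches the code that decides what to download; the same check would need to cover the package itself (a digest in the signed catalog, or a signature on the package) before installation.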