Attack code that exploits a flaw in Apple Computer’s Mac OS X was publicly released Wednesday, increasing the urgency to patch.
The code's arrival comes just a day after Apple made an update available for its operating system. The malicious program takes advantage of a locally exploitable vulnerability in an operating system component called "launchd".
"Attackers may exploit this issue to execute arbitrary code with elevated privileges," Symantec said in a security alert to customers that was updated on Thursday.
Kevin Finisterre, a security researcher at Digital Munition, created the exploit. Earlier this year, Finisterre created the Inqtana worm, which targets Mac OS X and spreads using an 8-month-old vulnerability in Apple's Bluetooth software. His actions are in part to demonstrate that Apple software is not unbreakable, he has said.
View: The Full Article @ CNET News.com

Microsoft, Vulnerability = Critical Flaw opens way for Virus!
Apple, Vulnerability = Malicious program could take advantage of flaw.
I will say no more.
-added-
about what was just said...
Apple flaws are called worms! *wink, wink*
haha I like that one.
Man I can't stand Apple's commercials.
Go watch Mikko Hypponen in the F-Secure 1st half of 2006 Security Review video, he clearly states 4 OS X viruses have now been discovered. And they don't even sell an OS X product.
It's amazing how pedantic OS X users will be about the categorisation of malware in order to protect their supposed perfect track record. There was an interesting discussion on bugtraq recently about using 'number of vulns in a product' to assess its security, the conclusion was (IIRC) that "0 vulns != secure", by a long shot.
Last edited by aristotle-dude on 29 Jun 2006 - 21:41
As I recall there are usually more actual Windows users "crowing" about Windows flaws than Mac users.
And usually not over proof of concept code like this.
So, that means we have nothing to worry about then? I love not having to worry
Amen brother. Windows users just don't get it.
According to News.com, security researcher Kevin Finisterre at Digital Munition has released "attack code" to the public that can locally exploit the launchd daemon.
"Attackers may exploit this issue to execute arbitrary code with elevated privileges," Symantec said in a security alert to customers that was updated on Thursday.
The code affects Mac OS 10.4.0 - 10.4.6 (excluding the recently released 10.4.7 and 10.3.
Also mentioned in the article is that iTunes 6.0.5 is quietly patching an AAC parsing flaw.
Parsing a maliciously-crafted AAC file could cause iTunes to terminate or potentially execute arbitrary code. iTunes 6.0.5 addresses this issue by improving the validation checks used when loading AAC files.
Could it be that a lot of viruses are being created at the request of anti-virus vendors? I personally would never install a Symantec product on my Mac as it could potentially screw it up worse than any virus ever could.
I think it works like this: Apple's engineers find a flaw. They patch it up, release that patch to all users. That same day, Joe Schmoe hears about this, and looks into that flaw that was patched up. Then starts to spread news about a security vulnerability.
In other words, no piece of software is perfect. But it's up to the software engineers to stay on top of their code and fix whatever holes they find.
You'll find an identical situation for many Windows vulns, which is why the window between a patch being released, and POC appearing is shrinking rapidly. All a smart coder needs to do is analyse the actions of the patch, and they have a damn good chance of finding the flaw.
That certainly isn't an 'angelic like behaviour only found in the Mac world' as you seem to think.
Also, in response to aristotle, it's perfectly normal for VXrs to have a contact to which they forward interesting code first. F-Secure were also heavily involved in the original Bluetooth worm release, I don't think there's the conspiracy you'd like to think there is, to be honest!
There are about 20 comments; have you not seen the number of comments when something bad is in the news about Microsoft?
It's at least 100.
And Windows fanboys *still* have nothing to gloat over.
Folks, when it comes to security, OS X is still superior to Windows by an order of magnitude. Deal with it.
Releasing a patch and installing a patch are two different things. If Apples were actually popular in Enterprise environments, you'd see far more hassle resulting from these vulns. But they aren't, so you could argue they really are playing the security through obscurity game.
Now, why the hell would you create this and make it a public release, irrespective of a system your exploit is for? How different is Mr. Finisterre from some student who would've made the same thing and released it and been visited by the FBI afterwards because it damaged business systems?
I think those type of 'security experts' should take a walk from the industry because their job is to inform companies of vulnerabilities in their software, not piping their 'research' all over the internet like buttholes...