PDA

View Full Version : More Mac OS X Flaws Identified


MacBytes
Apr 22, 2006, 04:06 PM
http://www.macbytes.com/images/bytessig.gif (http://www.macbytes.com)

Category: News and Press Releases
Link: More Mac OS X Flaws Identified (http://www.macbytes.com/link.php?sid=20060422170625)
Description:: Apple is doing a lot of security patching of late, and it looks like its employees may be working overtime just to address some of the flaws founds by one security researcher.

Posted on MacBytes.com (http://www.macbytes.com)
Approved by Mudbug

gauchogolfer
Apr 22, 2006, 04:12 PM
I'm no professional, but these look like pretty serious flaws, from what I understood from the article. By 'crashing' Safari, could a further exploitation be performed, or is it only an annoyance? It looks like I need to get educated about this stuff now.

*sighs*


500th post

Sayer
Apr 22, 2006, 04:58 PM
Just more scare tactics from some "security" researcher in the wild who wants his 15 minutes of fame.

Crashing by itself is not a security threat. The security "experts" tack on "and may allow an attacker to execute arbitrary code" to serve up the FUD to the public and to coerce the OEM to fix the bug.

Just about any app will crash on malformed data files unless it has numerous integrity checks at all levels, which add complexity and additional time to do some otherwise rudimentary task.

In the end a lot of hackers use social engineering to coerce a target to allow access, such as the ever-popular phishing scams that have been around as long as average users have needed a password to log on to something.

More likely than not a malformed graphic will crash your browser. Big deal. On the PowerPC its very, very hard to get random code to execute and on the Intel CPU in Macs the OS sets the CPU to not execute random bits of code floating around on the heap/stack.

suntzu
Apr 22, 2006, 05:01 PM
The article is kind of confusing. It said there were 6 zero-day exploits found this week but goes on to say at the end that Apple was notified of the them in January and February. How can you find something now and say you reported it on awhile ago?

Also, doesn't the term "zero-day exploits" mean an exploit undiscovered either by the company or security professionals? They fact that they're reporting it doesn't make it a zero-day exploits coupled with the fact that Apple became aware of it in January. That's what makes "zero-day"'s so dangerous. No one in the public knows about it and it's being used.

hob
Apr 22, 2006, 05:18 PM
This article seems to gloss over the details - I'm not sure whether to be concerned or not!

For the time being, I'm not! (judging by my 3 years experience of macs - 0 viruses so far!)

mkrishnan
Apr 22, 2006, 05:24 PM
The article is kind of confusing. It said there were 6 zero-day exploits found this week but goes on to say at the end that Apple was notified of the them in January and February. How can you find something now and say you reported it on awhile ago?

Also, doesn't the term "zero-day exploits" mean an exploit undiscovered either by the company or security professionals? They fact that they're reporting it doesn't make it a zero-day exploits coupled with the fact that Apple became aware of it in January. That's what makes "zero-day"'s so dangerous. No one in the public knows about it and it's being used.

I'm confused about these things to. I think here, what is meant is that this individual claims to have not only a vulnerability but an exploit mechanism that takes advantage of that vulnerability (as opposed to a vulnerability that may contribute to something bad being done, but isn't enough, without additional information, for anyone to create an exploit... like when something "might" cause arbitrary code to be run under some conditions that "could" occur...). And apparently this individual's "proof of concept code" is the proof of that.

As far as the Jan/Feb thing, I think the article means that the bugs were disclosed in January or February, and were apparently zero day at the time, but are being made *public* now.

But I think all the zero day means here is that there is a usable exploit based on these vulnerabilities. Which...well... I think it's good that it's in Apple's hands, and also in the security communities hands. :)

grapes911
Apr 22, 2006, 05:29 PM
I'm not sure whether to be concerned or not!

I'm not sure how to take this either (because I'm not sure it's a exploit or not), but I am definitely not concerned with it. Never be worried about newly found bugs, security holes, etc. Contrary to popular belief, finding bugs is a good thing. Anyone in software development knows that bugs are expected in software. It doesn't matter how good of a programming team you have, bugs will be introduced into the project. Finding bugs means that Apple can fix them before someone can figure out how to exploit them. If a hacker finds them first, then you have to worry.

mjstew33
Apr 22, 2006, 06:04 PM
I highly doubt we have anything to worry about.

miniConvert
Apr 22, 2006, 06:34 PM
I am pleased that there continues to be interest in the security of Mac OS X. Security by obscurity is no way to go, so it's best that any gaping faults are fixed now - especially what with the Intel transition opening up the possibilities of gains in market share, so making Mac OS X users more of a target in future malware releases.

nagromme
Apr 22, 2006, 06:45 PM
I'm all in favor of researchers looking for bugs and reporting them to Apple. No OS will ever be 100% perfect, but Mac OS X can only be the best it can be if people are looking for things that need to be fixed.

And of course, such issues should be reported to the public AFTER they have been patched (or after the OS vendor has refused to fix them perhaps).

Some perspective:

Windows XP Home:
http://secunia.com/product/16
23 out of 116 advisories, rated up to Highly Critical, are marked as unpatched by Secunia.

XP Professional:
http://secunia.com/product/22
27 out of 131 advisories, rated up to Highly Critical, are marked as unpatched.

Internet Explorer 6.x:
http://secunia.com/product/11
19 out of 99 advisories, rated up to Moderately Critical, are marked as unpatched.

Safari 2.x:
http://secunia.com/product/5289
1 out of 3 advisories, rated up to Not Critical, are marked as unpatched.

Mac OS X:
http://secunia.com/product/96
1 out of 69 advisories, rated up to Highly Critical, are marked as unpatched.

Let's get that zero back ASAP! :)

bousozoku
Apr 22, 2006, 07:19 PM
I highly doubt we have anything to worry about.

You should always have some worry, even if it says there aren't any security flaws unpatched. A couple of days ago, the problems were there but no one knew about them. Would an attack be any less problematic?

Eagon
Apr 22, 2006, 08:51 PM
It's ironic that Safari crashed on me the first time I opened the link. Grrrrrrrrrr

alexprice
Apr 23, 2006, 12:52 PM
Why do people make silly comments like this, if it was so "Highly Critical" then I'm sure Apple would fix it. Personally it doesn't bother me in the slightest. Not compared to the infinite viruses and such when I used windows.

bousozoku
Apr 23, 2006, 01:41 PM
Why do people make silly comments like this, if it was so "Highly Critical" then I'm sure Apple would fix it. Personally it doesn't bother me in the slightest. Not compared to the infinite viruses and such when I used windows.

A lot of people have undying, and sometimes, unwarranted faith in Apple. Apple are automatically the good guys because they're not the bad guys, right?

The problems with Preview opening a .bmp file and it having Mac OS X executable code in it is highly unlikely but should someone decide to do it, it could be devastating. I'm sure that there are plenty of them with Windows executable code in them already. The fact that there is also a problem with TIFFs makes it more of an issue for Mac OS X users.

We don't have to worry as much, but we still have to worry.

someguy
Apr 23, 2006, 01:49 PM
I ain't scurred. ;)

Stridder44
Apr 23, 2006, 04:22 PM
I highly doubt we have anything to worry about.

Couldn't agree more.

Did you guys read the rest of of the reports by them? It shows the other "flaws" they reported, and how Apple patched them within a very short time.

bousozoku
Apr 23, 2006, 04:50 PM
Couldn't agree more.

Did you guys read the rest of of the reports by them? It shows the other "flaws" they reported, and how Apple patched them within a very short time.

It's the time between when the flaws were available and the time they're exploited that bothers me, not the time between when they were reported and patched.

We're lucky so far. Now that people can run WinXP and Mac OS X on the same machine, they might decide that it's easier to create exploits simply because it is.

HughJ
Apr 23, 2006, 05:24 PM
It's ironic that Safari crashed on me the first time I opened the link. Grrrrrrrrrr
Ditto!!!!!!!!!!!!!!!