New Mac OS X exploit disclosed


MacBytes
Jan 15, 2007, 07:02 PM

Category: Mac OS X
Link: New Mac OS X exploit disclosed (http://www.macbytes.com/link.php?sid=20070115200244)

Posted on MacBytes.com (http://www.macbytes.com)
Approved by Mudbug

xUKHCx
Jan 15, 2007, 07:10 PM
The vulnerability can be mitigated by turning off the 'Open safe files after downloading' option in Safari's preference panel, according to Secunia.

Yet another reason to turn this preference off if you haven't already.

Passante
Jan 16, 2007, 05:20 AM
This bug is stale. :D

bryanc
Jan 16, 2007, 08:12 AM
Safari clearly needs to change the definition of 'safe' files. Anything that can contain executable code is not safe. Disk images are obviously not 'safe'.

The only things I'd like to see Safari automatically opening after downloading are PDFs and image files. And it might be a good idea to open these in a sandbox with very restricted permissions.

The 'open safe files after downloading' preference is a recipe for disaster the way it is currently implemented. Nevertheless, it's not really a bug, it's functioning as intended.

Cheers

benthewraith
Jan 16, 2007, 08:15 AM
Ah, Secunia, the company that insists on broadcasting vulnerabilities out on the net that wouldn't be known otherwise.

eluk
Jan 16, 2007, 09:19 AM
> Ah, Secunia, the company that insists on broadcasting vulnerabilities out on the net that wouldn't be known otherwise.

The ostrich is very vulnerable.

spice weasel
Jan 16, 2007, 09:42 AM
How is this a new bug? We've had knowledge of this potential exploit for a good while now. I have no doubt that there are bugs in OS X, but come on people, let's not rehash the same old ones, especially when they are easily preventable.

whooleytoo
Jan 16, 2007, 11:25 AM
> Yet another reason to turn this preference off if you haven't already.

Quite possibly it would make little difference. If this option is turned off, many people will just open the file manually via the Downloads window, which is likely to have the same security vulnerability.

montex
Jan 16, 2007, 05:50 PM
I'm calling shenanigans on this one. The article very clearly states that an exploit COULD occur from an auto-opened dmg file. But until it has actually been demonstrated with functioning malware that this CAN be done, then I don't believe it. It's one thing to say you could land a man on the moon -- but it's quite another to actually do it.

BTW, Secunia makes their living selling security software. Is it little wonder that they gave this "exploit" a "Highly Critical" warning? These guys are jonesing so hard for an OS X virus - I wouldn't be surprised to learn they are trying to write one themselves.

SMM
Jan 16, 2007, 06:02 PM
> I'm calling shenanigans on this one. The article very clearly states that an exploit COULD occur from an auto-opened dmg file. But until it has actually been demonstrated with functioning malware that this CAN be done, then I don't believe it. It's one thing to say you could land a man on the moon -- but it's quite another to actually do it.
>
> BTW, Secunia makes their living selling security software. Is it little wonder that they gave this "exploit" a "Highly Critical" warning? These guys are jonesing so hard for an OS X virus - I wouldn't be surprised to learn they are trying to write one themselves.

You and I are of like minds. If I were a company like MS/Apple and a virus/malware was unleashed, using an exploit published by someone like Secunia, I would sue them out of existence as facilitators, or even charge them as accessories. The feds should take a few weeks off from busting pot smokers and focus on putting these jerks out of business.

bousozoku
Jan 16, 2007, 07:29 PM
> Ah, Secunia, the company that insists on broadcasting vulnerabilities out on the net that wouldn't be known otherwise.

I'd rather have the world know than living unsafe in the knowledge that some vulnerability might exist.

It's good for Apple to get these things under control, as much as they can.

If someone opens the disk image on their own, it's not Apple's fault. If people choose to enable the "open safe files" option, that's not Apple's fault either. Having the option enabled to start is just asking for trouble. They turned it off in the past. Why did someone think that it was okay to enable it by default?

Peace
Jan 16, 2007, 07:42 PM
This is REALLY old..

What are these guys doing recycling the 2 known bugs each week to fit into their month of apple bugs?

cwt1nospam
Jan 16, 2007, 08:04 PM
> What are these guys doing recycling the 2 known bugs each week to fit into their month of apple bugs?

Yes, and they don't care that there is no exploit for the vulnerability. They're going to call it an exploit anyway. :rolleyes: