OS X Attack Code Released, and iTunes AAC Security Vulnerability Patched

[MacRumors]

http://www.macrumors.com/images/macrumorsthreadlogo.gif

According to News.com, security researcher Kevin Finisterre at Digital Munition has released "attack code" to the public that can locally exploit the launchd daemon.

Quote:

"Attackers may exploit this issue to execute arbitrary code with elevated privileges," Symantec said in a security alert to customers that was updated on Thursday.

The code affects Mac OS 10.4.0 - 10.4.6 (excluding the recently released 10.4.7 and 10.3.x). The same researcher also created a proof-of-concept Bluetooth exploiting worm earlier this year. According to News.com, his actions are in part to show that Apple software is not unbreakable.

Also mentioned in the article is that iTunes 6.0.5 is quietly patching an AAC parsing flaw.

Quote:

Parsing a maliciously-crafted AAC file could cause iTunes to terminate or potentially execute arbitrary code. iTunes 6.0.5 addresses this issue by improving the validation checks used when loading AAC files.

Digg this story

[dizastor]

another proof of concept. This isn't cool. Eventually someone will release one of these things in a less than sanitary manner.

[iGary]

How about in English?

[KEL9000]

Quote:

Originally Posted by greenmonsterman

another proof of concept. This isn't cool. Eventually someone will release one of these things in a less than sanitary manner.

at least they released it after it had been fixed by apple.

[Peace]

More bad publicity for Apple..Shows me that Apple is becoming a threat to the PeeCee world and because of this is coming under increasing PR attacks.

[michaeldmartin]

They have released a virus in a less-than-sanitary manner: Skype. (Leaked Beta) It was an accident, from a bug.. If you want to think of it as a virus, that is.

[joshysquashy]

Yet another example of why you should always download updates as soon as they are released - they often fix issues, and often highlight previous flaws which some people then take advantage of.

[caveman_uk]

Quote:

Originally Posted by Macrumors

[ According to News.com, his actions are in part to show that Apple software is not unbreakable.

So it's not just willy waving then? Oh good.

Seriously, Apple has one day to get people patched and this 'security researcher' releases exploit code on the web. Well thank you. At least it's only a local exploit.

[rowanhall]

Quote:

Originally Posted by greenmonsterman

another proof of concept. This isn't cool. Eventually someone will release one of these things in a less than sanitary manner.

exactally what i was thinking bro! i like living in my wee bubble...

[RichP]

http://rtechnic.com/images/quantumleap.jpg


As stated indirectly by mlr, still better than Windows. Unfortuneatly, Apple's high profile is going to make it more of a target, even if the marketshare is as low as it is.

[zap2]

well since 10.4.7 stops it, no real worrys

[michaelrjohnson]

Gosh... a single proof of concept of a local exploit...

This really isn't that big of a deal. Moral of the story: run Software Update regularly. Apple has done really well in patching their own holes, and responding to these types of "exploits".

That being said, nobody (even Apple) claimed that Macs are somehow immune to security exploits, attacks, and viruses. Nobody should be surprised that these types of things exist, and will someday have a greater impact on your workflow.

[MacsRgr8]

Quote:

Originally Posted by zap2

well since 10.4.7 stops it, no real worrys

Yep.. the're too late IMHO.

[Doctor Q]

Quote:

Originally Posted by KEL9000

at least they released it after it had been fixed by apple.

Mac OS X 10.4.7 may fix it for Mac OS X 10.4, but Mac OS X 10.3 and earlier may have the same vulnerability. I generally feel safer with the latest O.S. release, even though new flaws will invariably be discovered, because at least the widely known flaws are fixed.

[longofest]

Quote:

Originally Posted by Doctor Q

Mac OS X 10.4.7 may fix it for Mac OS X 10.4, but Mac OS X 10.3 and earlier may have the same vulnerability. I generally feel safer with the latest O.S. release, even though new flaws will invariably be discovered, because at least the widely known flaws are fixed.

10.3 is not affected by the launchd vulnerability.

[Jetson]

I liked that worm crawling out of the apple graphic

[Mac Pwnz You]

Who really cares? No software is "un-breakable" and nobody ever said that Apple software was. It is still, better, more user-friendly, and more secure than Windows.

[Texas04]

I have to agree with the Water analogy posted above...

My mac alows me to be safer, not immune, and work better than I could ever do with Windows... And Apple does a good job of securing its software, and making sure that everything runs fine "out of the box".

"I'd rather drink water from my local restaraunt, than one in Mexico"


P.S. I'm Mexican to.... And i still love my heritiage and home country!!!

[longofest]

Quote:

Originally Posted by Jetson

I liked that worm crawling out of the apple graphic

It's actually a really old graphic we have on the system. We've shunned some of the older ones for the more classic "news" and "rumor" graphics (aka the newspaper and question mark), but I thought I'd bring out the worm for this one

[Cubert]

Obviously, Apple is on top of things. Their latest releases patch the issue.

[iJaz]

"Mac's not invulnerable"

[tveric]

Quote:

Originally Posted by iJaz

"Mac's not invulnerable"

We really need a Slashdot-like moderating system.... -1 Troll!

[yellow]

Quote:

Originally Posted by Macrumors

According to News.com, his actions are in part to show that Apple software is not unbreakable.

Damnit, who keeps saying that it is? Well, cut it out!!

[Onizuka]

*yawn*

So, really, who gives a damn? I don't want proof-of-concept. I want proof that it works in the wild. Come on now. Someone do something here. Quit making all of these claims. It's like foreplay without the ending. Ya know? WTF?

[dejo]

Wait. According to the "security through obscurity" people, nobody is writing exploits for Mac OS X because of its low marketshare. How can this be?