
MacRumors

macrumors bot
Original poster
Apr 12, 2001
54,629
16,786


According to News.com, security researcher Kevin Finisterre at Digital Munition has released "attack code" to the public that can locally exploit the launchd daemon.

"Attackers may exploit this issue to execute arbitrary code with elevated privileges," Symantec said in a security alert to customers that was updated on Thursday.

The code affects Mac OS 10.4.0 - 10.4.6 (excluding the recently released 10.4.7 and 10.3.x). The same researcher also created a proof-of-concept Bluetooth-exploiting worm earlier this year. According to News.com, his actions are in part to show that Apple software is not unbreakable.

Also mentioned in the article is that iTunes 6.0.5 is quietly patching an AAC parsing flaw.

Parsing a maliciously-crafted AAC file could cause iTunes to terminate or potentially execute arbitrary code. iTunes 6.0.5 addresses this issue by improving the validation checks used when loading AAC files.

 

dizastor

macrumors 6502a
Dec 27, 2001
618
15
Los Angeles
Another proof of concept. This isn't cool. Eventually someone will release one of these things in a less than sanitary manner.
 

KEL9000

macrumors member
May 19, 2003
44
0
greenmonsterman said:
Another proof of concept. This isn't cool. Eventually someone will release one of these things in a less than sanitary manner.


At least they released it after it had been fixed by Apple.
 

joshysquashy

macrumors 6502a
May 13, 2005
707
1
UK
Yet another example of why you should always download updates as soon as they are released - they often fix issues, and often highlight previous flaws which some people then take advantage of.
 

caveman_uk

Guest
Feb 17, 2003
2,390
1
Hitchin, Herts, UK
Macrumors said:
According to News.com, his actions are in part to show that Apple software is not unbreakable.
So it's not just willy waving then? Oh good. :rolleyes:

Seriously, Apple has one day to get people patched and this 'security researcher' releases exploit code on the web. Well thank you. At least it's only a local exploit.
 

RichP

macrumors 68000
Jun 30, 2003
1,575
14
Motor City



As stated indirectly by mlr, still better than Windows. Unfortunately, Apple's high profile is going to make it more of a target, even if the marketshare is as low as it is.
 

michaelrjohnson

macrumors 68020
Aug 9, 2000
2,180
5
53132
Gosh... a single proof of concept of a local exploit... :rolleyes:

This really isn't that big of a deal. Moral of the story: run Software Update regularly. Apple has done really well in patching their own holes, and responding to these types of "exploits".

That being said, nobody (even Apple) claimed that Macs are somehow immune to security exploits, attacks, and viruses. Nobody should be surprised that these types of things exist, and will someday have a greater impact on your workflow.
 

Doctor Q

Administrator
Staff member
KEL9000 said:
At least they released it after it had been fixed by Apple.
Mac OS X 10.4.7 may fix it for Mac OS X 10.4, but Mac OS X 10.3 and earlier may have the same vulnerability. I generally feel safer with the latest O.S. release, even though new flaws will invariably be discovered, because at least the widely known flaws are fixed.
 

longofest

Editor emeritus
Jul 10, 2003
2,876
1,537
Falls Church, VA
Doctor Q said:
Mac OS X 10.4.7 may fix it for Mac OS X 10.4, but Mac OS X 10.3 and earlier may have the same vulnerability. I generally feel safer with the latest O.S. release, even though new flaws will invariably be discovered, because at least the widely known flaws are fixed.

10.3 is not affected by the launchd vulnerability.
 

Mac Pwnz You

macrumors newbie
Jun 29, 2006
10
0
Who really cares? No software is "un-breakable" and nobody ever said that Apple software was. It is still better, more user-friendly, and more secure than Windows.
 

Texas04

macrumors 6502a
Jul 2, 2005
884
1
Texas
I have to agree with the Water analogy posted above...

My Mac allows me to be safer, not immune, and work better than I could ever do with Windows... And Apple does a good job of securing its software, and making sure that everything runs fine "out of the box".

"I'd rather drink water from my local restaurant, than one in Mexico"


P.S. I'm Mexican too.... :rolleyes: And I still love my heritage and home country!!! :D
 

longofest

Editor emeritus
Jul 10, 2003
2,876
1,537
Falls Church, VA
Jetson said:
I liked that worm crawling out of the apple graphic :D

It's actually a really old graphic we have on the system. We've shunned some of the older ones for the more classic "news" and "rumor" graphics (aka the newspaper and question mark), but I thought I'd bring out the worm for this one :p
 

Cubert

macrumors regular
Apr 30, 2005
150
0
Obviously, Apple is on top of things. Their latest releases patch the issue.
 

XNine

macrumors 68040
*yawn*

So, really, who gives a damn? I don't want proof-of-concept. I want proof that it works in the wild. Come on now. Someone do something here. Quit making all of these claims. It's like foreplay without the ending. Ya know? WTF?
 

dejo

Moderator emeritus
Sep 2, 2004
15,981
451
The Centennial State
Wait. According to the "security through obscurity" people, nobody is writing exploits for Mac OS X because of its low marketshare. How can this be? ;)
 