'Serious Flaw' Claimed Found in Mac OS

By Ed Oswald | Published February 21, 2006, 12:07 PM

German technology site Heise Online reported Monday that a serious flaw has been discovered within Mac OS X. The vulnerability could put users in danger of falling victim to a scripting attack, say security experts. But like the previous "virus" reported last week, manual interaction is required.

The danger exists in how a specially designed binary file is written. To the untrained eye, the file may appear as a normal QuickTime .mov for example, but will actually open up the operating system's Terminal application and execute scripting commands.

The malicious script could be given any extension -- such as .jpg, .gif, .wmv, and so on -- that would make it appear as a normal, safe file. However, a metadata file associated with the script would open it using Terminal rather than the expected application.

While the flaw was originally thought to primarily affect Safari users who have "Open 'safe' files after downloading" enabled, the SANS Internet Storm Center later noted that simply unzipping the file from any source and manually running it would put a user at risk.

Users could uncheck the option within Safari, says SANS, but it would not prevent the user from running the files on their own.

"When this script was stored in a ZIP archive, Mac OS X will add a binary metadata to the archive. This file determines what will be used to open the main file in the archive, regardless of the extension or symbol displayed in the Finder," said SANS.
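A defender can check an archive for this pattern before anything in it is opened. The sketch below is an added example, not code from Heise, SANS or Apple: it flags ZIP entries that carry a media extension but begin with a script marker, and reports whether a metadata entry accompanies them. It assumes the metadata is stored as `__MACOSX/._<name>` (the layout Mac OS X's archiver uses) and that the script starts with `#!`; the sample archive is constructed.

```python
import io
import os
import zipfile

# Extensions a user expects to open in a viewer or player, not in Terminal.
MEDIA_EXTS = {".mov", ".jpg", ".gif", ".wmv"}

def build_sample_zip():
    """Constructed sample: a shell script named like a movie, a stand-in for
    the metadata entry stored under __MACOSX/, and a harmless JPEG header."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("holiday.mov", b"#!/bin/sh\necho constructed sample\n")
        # AppleDouble magic number followed by padding (placeholder content).
        z.writestr("__MACOSX/._holiday.mov", b"\x00\x05\x16\x07" + b"\x00" * 22)
        z.writestr("photo.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 16)
    return buf.getvalue()

def audit_zip(data):
    """Return one finding per entry whose extension says 'media' but whose
    first bytes say 'script', noting whether metadata accompanies it."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = set(z.namelist())
        for name in sorted(names):
            if name.startswith("__MACOSX/") or name.endswith("/"):
                continue  # skip the metadata tree itself and directories
            if os.path.splitext(name)[1].lower() not in MEDIA_EXTS:
                continue
            with z.open(name) as fh:
                head = fh.read(2)
            if head != b"#!":  # assumption: scripts without a shebang are missed
                continue
            folder, _, base = name.rpartition("/")
            meta = "__MACOSX/" + (folder + "/" if folder else "") + "._" + base
            findings.append({"entry": name, "has_metadata": meta in names})
    return findings

if __name__ == "__main__":
    for finding in audit_zip(build_sample_zip()):
        print(finding)
```

A finding with `has_metadata` set to true matches the case SANS describes, where the extension shown in the Finder no longer decides which application opens the file.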

Heise Online said that as of Monday it knew of no Web site taking advantage of this vulnerability, although it added, "this could change quickly."

The discovery of the problem comes just days after reports of the first virus for Mac OS X. However, both Apple and enthusiasts of the platform dismissed the notion, saying malicious software was different from a virus. Exploiting this new flaw ostensibly requires a similar level of user interaction.

Apple recommends that users practice safe browsing habits and never run questionable files in order to avoid such risks.

Comments


http://www.vnunet.com/vn...ical-flaw-exposes-users

Uhoh...THIS ONE REQUIRES "NO USER INTERACTION". Yep, Apple was stupid to think that asking to find security problems we wouldn't find any...BOOM

Score: 0

|

Mac OS X Tiger is still the world's most advanced Operating system ... it is still the best when it comes to security and safety issues .... Windows Vista is yet to be released and the Beta version which I tried has many copied programs like Spotlight , RSS featured Browser ,Gadgets etc ... similar to Mac OS X Tiger ... however the security of the Windows operating system is very vulnerable when compared to other Operating systems ... I feel that one still has to use Anti virus and anti spyware programs on Windows Vista and Windows Vienna ....

Score: 0

|

"Mac OS X Tiger is still the world's most advanced Operating system"

After Windows and Linux (NOT in that order) Maybe.

Score: 0

|

Sweet.... now I, I mean-- "some hacker"-- can use the script to execute the "malware" from last week! :D My, I mean-- "some script kiddie's"-- dreams of Mac Conquest are soon to be fulfilled! Muaaaaahahahahahahahaha! *grin*

GoodThings2Life does not support, condone, or conduct illegal hacking activities... it's called a joke people... it's "funny", lol.

Score: 0

|

"Mac Conquest"

I don't think Mac has enough market share for this to be worth it...
Probably the same reason Linux, BeOS and BSD (and others) have little to no viruses that exploit their flaws... because they have little to no (BeOS) market share.

Score: 0

|

This seems more dangerous than the other one to me - but only because I don't know if script files require an admin password.

No prompt - auto running after downloading. Yeah, I think this could be classified more dangerous than the docile last one.

Score: 0

|

"auto running after downloading. "

*buzzer*

We're sorry, but that is not the correct answer. Thanks for playing.

Sorry. Still requires the user execute it.

I agree, it's more dangerous, but it still needs to be explicitly run by the user.

Score: 0

|

I hope you don't think that users are smart enough to NOT run it... but I think you know better since you do point out the effectiveness of IM viruses.

Score: 0

|

Hey, I didn't actually research anything about this one. :P

Just saying offhand that it sounds more dangerous.

Score: 0

|

Read my post below. Pretty much sums up my faith in the intelligence of most IM users out there.

Score: 0

|

This, again, boils down to the user. Engage brain before accepting files or running files when you don't know what they are. This is common sense. All operating systems are vulnerable to this.

Score: 0

|

Why do you think IM worms are so successful?

People just can't resist the "imahorneymidgetleprechaunbikerchick.gif", man.

It's absolutely irresistible.

Score: 0

|

Speaking of those horneymidgetleprechaunbikerchicks, did you see the one in the purple leather on that one site? Two words---- awwwwwwwwwww yeeeaaaaaaaah! :D

Score: 0

|

Leather?

Feh....*so* 80's.

It's all latex and piercings now, man.

Geez, get with the times.... ;P

Score: 0

|

Nah, I'm too old school, lol

Score: 0

|

NO!! Don't say it.. I love using my Mac OSx without virus scanners. It's been saving me money for years now!!!

Score: 0

|

Free virus scanner for the two largest OSs. http://free.grisoft.com/doc/1

Maybe if OSX continues to grow in market share, GRI will release a free version for that platform as well.

Score: 0

|

Seriously, it could only have been a matter of time...I don't care how secure it is, human make MacOSX, human break MacOSX...

EDIT: Interesting. As soon as I replied to a comment by "nate", his comment and mine both disappeared. I will assume I was correct then? Guess I'll wait to see if this one goes away too...

Score: 0

|

You mean one in this thread, or the other thread? Because the one in the other thread is still there.

If you're thinking about the inquiry you made concerning nate that I am thinking about.

That one is still there: http://www.betanews.com/...ue_Wednesday/1140548193

Score: 0

|

No news here. OSX is a modern OS built with the Internet in mind. Apple engineers cannot predict what types of attacks will occur. No matter what anyone says, all modern OS's and apps are at risk.

Vista will be a major step forward in security, but someone will find a security hole (no matter how obscure) soon after it is released.

That's the price we pay. The user must be vigilant to keep everything up to date and use common sense.

Score: 0

|

WELL said frankwick. Using Windows is like living on the busy side of town. Lock your doors and keep a dog in the yard - odds are damn good you'll be fine.

Score: 0

|

Windows is rather like living on the ugly side of town. Steam billows out of holes in the ground, houses are leaky and most things are generally out of order.

Score: 0

|

Yea, where are all the usual Apple zealots now?

Score: 0

|

We're still here, and we still have thousands of less security issues with our OS as opposed to Windows. As stated before, I'll START to become concerned when a TRUE virus that requires no user interaction is discovered/created. You know.. like the thousands that exist for Windows. :)

On a side note, it's really not hard for someone to write a small application, with an icon impersonating another file type, pray that a user has "show all file extensions" disabled, and hope they run it.

Score: 0

|

There is no such thing as a virus that doesn't require "user interaction". Even worms are launched by a malicious user somewhere! :)

Score: 0

|

take that OSx users ... !!! :P

Score: 0

|

OSX is good, windows is bad. Now go away.

Score: 0

|

"But like the previous "virus" reported last week, manual interaction is required."

Anyone have a link or something pointing to a definitive answer as to how MS will handle user-accounts in Vista?

Will they default to LUA, require a password for *any* admin function when using an LUA?

I know from a previous beta that they have the ability to set it so it will ask for a password, even in an admin account setting, but have yet to see anything definitive on how that will be set in a default setting.

Score: 0

|

I remember reading somewhere that everything on Vista would be password restricted .... even under the admin account .... a la Linux type

Score: 0

|

Depends on your distro, man.

Thanks for the input, but I'm looking for something more definitive than "I read something"...like a link to a credible source.

No offense, man.

Score: 0

|

http://www.microsoft.com...aluate/feat/uaprot.mspx

I think this is essentially the info you're looking for.

Score: 0

|

Tells me:

"The User Account Control feature is not turned on by default in Windows Vista Beta 1. "

Great!

What about the final release? Is it going to be on by default?

Score: 0

|
