November 21, 2006 2:17 PM PST

Attack code targets zero-day Mac OS X flaw

A security researcher has published attack code for an unpatched flaw in Mac OS X, the latest vulnerability in the "Month of Kernel Bugs" campaign.

The proof-of-concept code exploits a security hole in the way Apple Computer's operating system handles disk image files, the researcher wrote Monday on a blog devoted to the campaign, which promises to reveal details of a new flaw in low-level software every day this month.

"Mac OS X com.apple.AppleDiskImageController fails to properly handle corrupted DMG (disk image) image structures, leading to an exploitable memory corruption condition with potential kernel-mode arbitrary code execution by unprivileged users," wrote the researcher, who goes by the initials "LMH."

The vulnerability could be exploited remotely, as Apple's Safari Web browser loads DMG files from external sources, such as one found while visiting a URL, LMH wrote. That could let an outsider compromise a system.

Secunia rated the vulnerability as "highly critical" in an advisory on its Web site on Tuesday. In addition to being used to compromise a computer, the flaw could be exploited by malicious local users to gain escalated privileges to the system, the security company said.

Apple representatives did not respond to a request for comment.

In the blog, researcher LMH said people can prevent an attack by "changing the Preferences and deactivating the functionality for opening 'safe' files after downloading."

Vulnerabilities in the Mac OS have been rising, leading some experts to note that the Macintosh platform is not impervious to security problems. The vast majority of security vulnerabilities affect computers running Microsoft Windows.

107 comments
REQUIRES LOCAL ACCOUNT
Yeah, a corrupt disk image is bad.

BUT IT REQUIRES A LOCAL ACCOUNT ON THE MACHINE.

Please get a clue and publish some truth, cnet. We're all getting
tired of your fictitious shock-and-awe reporting. Let's hear some
facts for a change.
Posted by tedk7 (66 comments )
Reply Link Flag
actually
Actually, on second thought, the cnet folks may actually be so
clueless as to believe that it is a remote exploit just because the
data involved can be pulled over the network. In which case, all
attacks on earth would be considered "remote".

Please do some basic computer security research before publishing
articles on the topic.
Posted by tedk7 (66 comments )
Link Flag
Old and ineffective
Safari automatically opening files was an issue a LONG time ago. The default setting for Safari for several years has been to NOT automatically decode files! Thus the suggestion to go into the preferences and deselect this is useless.

Also this means that 99.999999% of Mac users are 100% unaffected by this stupidity in Mac OS X's default configurations. The only ones affected are those stupid enough to actively go in and change this setting and then leave it that way.

Besides, what's the worst that can happen? The system crashes. Period.

Reboot, don't do the stupid thing again, and move on.

This is no more an "exploit" of Mac OS X or of Safari than my going into a police station and demanding they give me all their cash at gunpoint.
Posted by shadowself (202 comments )
Link Flag
Mac OS rises like a phoenix!
Please, it's not Mac OS. Mac OS was mothballed by Apple years ago
(not saying it isn't still in use). The current system is OS X.
Posted by (1 comment )
Reply Link Flag
actually
Actually, the official name from Apple is "Mac OS X"
Posted by verucabong (44 comments )
Link Flag
But first you crash and burn
You can't rise out of the ashes like a Phoenix until first you crash and burn in a sea of flames of your own creation.

Interesting analogy you've chosen.
Posted by Vegaman_Dan (6683 comments )
Link Flag
Semantics
Actually, there has never been anything officially titled mac OS.
This is just a generic moniker, and as such is just as applicable to
any version of the operating system that comes from Apple for the
platform. Previous versions were mac OS 9, mac OS 7, etc.
Posted by DeusExMachina (516 comments )
Link Flag
omg
c|net is a horrible source for news
Posted by cam45687 (1 comment )
Reply Link Flag
LOL ... pitiful
I was going to comment, but it appears the user base isn't as
clueless as this article is.

... the only thing that shocks me here, is the ineptness in the
reporting of a bad disk image as an actual flaw in the operating
system.

To be fair, the author may not understand exactly what a disk
image file is.
Posted by Thomas, David (1947 comments )
Reply Link Flag
"Month of hype" is more like it. Good page views for CNet though...
...as they run every press release.
Posted by M C (598 comments )
Reply Link Flag
So Mr. Jobs...
....no response huh! That's a classic Homer Simpson move dick! I
happen to run my business and develop exclusively on a G4 and
happen to love every minute of it.

Well, except when the spinning beach ball won't go away, but
other than that everything is awesome. Now you let me down
not only as a company but as a technology leader. How the hell
can you sleep at night knowing that you shut off the phones to
offer an explanation?

Wait, I know why! To offer an explanation of diligence would
warrant a fix of some-kind. Maybe a fix that you can't offer. So
this leaves me to wonder, as it should the world that uses
Apple's products:

If Apple ignores our security needs like this, why should we
consider them at all?

A question all should be asking themselves, including you Steve
Jobs. After all, we're ALL human!


J Gund
Tech01
Posted by OneWithTech (196 comments )
Reply Link Flag
False reasoning
Ignoring a phone call from a second-rate news agency such as c|net is not ignoring OS X user security concerns. Apple has a far better record of providing security updates than other major industry players such as MS or Oracle, for example.
Posted by MadKiwi (153 comments )
Link Flag
maybe...
it's because they are working on a fix. Christ dude, it was published yesterday. I'm not apologizing for them, but just because they don't say anything doesn't mean they're not looking into it.

-SD-
Posted by SteveDave2 (34 comments )
Link Flag
ARE YOU HIGH!? OR WHAT?!
There IS no security problem. Your post makes it obvious you
are not even a real OSX user! If you were, you would know
what a disk image file is, and thus, know that this article is
nothing more than alarmist, bovine, fecal matter!

As a result, you must be one of those spin attack posters, you
know, a shill, for lack of a better, and decent description.

Basically, all I can say is shove it, and post your nonsense on
your nonsensical blog.

In the mean time, read up, and find out what a disk image file is,
and how it is handled.
Posted by Thomas, David (1947 comments )
Link Flag
You called Steve Jobs?
You have his number? Wow.

So why did you waste your extremely limited time with him on a
bogus issue like this one?
Posted by tedk7 (66 comments )
Link Flag
Replies
Most software makers have a standard policy not to respond to
these. Over a year ago I was visiting a Bay Area enterprise software
maker and overheard (I love those Polycom conferencing systems) a
'researcher' basically try and bribe his way into a job at that
company if they didn't want the exploit divulged. I later found out
from one of my retiring colleagues that this happens more often
than one might think. I have little doubt that Jobs and his minions
have better uses of their time than to have an informal chat with
the press.
Posted by mathue_tax (56 comments )
Link Flag
Apple won't admit the fault exists
Apple doesn't normally acknowledge any flaws found in their products when found by outside sources. They normally just quietly correct the problem and release it as part of an unrelated program update. It's pretty common in the industry. That way you never have to admit that there was a problem in the first place.

What possible reason would Apple have to answer any inquiries made about it? That would mean having to admit their OS was not invulnerable and no company is going to do that.
Posted by Vegaman_Dan (6683 comments )
Link Flag
Don't download suspect files EVER
No matter what the OS - Windows, Linux, Mac - downloading
suspect files is *always* going to be fraught with hazard.

You, the user, are in control of this aspect of security.
Posted by dotmike (154 comments )
Reply Link Flag
No no no, common sense not allowed
You're not allowed to use common sense and logic when in a discussion about operating systems. That's not what people are here for. They are here to argue that (InsertName) OS is the be all and end all great holy operating system of the epoch and that (InsertName) OS is the root cause of all evil in the world.

We don't want your calm and sensible comments. We want belligerence and Holy OS flamewars. Haven't you been here long enough to realize that nothing else matters other than to prove that I'm right and the rest of you are all wrong? :)
Posted by Vegaman_Dan (6683 comments )
Link Flag
too much
that would require a level of responsibility that most people today are trying to avoid. anytime we can sidestep the consequences of our laziness and blame someone else we'll take it!

just ask the coffee servers @ macdonalds

fh
Posted by ffhyatt (2 comments )
Link Flag
Call me when this problem is in the wild
I've got too much work keeping our Windows machines protected
against thousands of real threats to worry about exploit code.
Posted by rcrusoe (1305 comments )
Reply Link Flag
Proof-of-Concept only.
Maybe the growing percentage of Mac Users might be
concerned. But honestly, do we have to start nicknaming a proof
of concept vulnerability when it hasn't even hit mainstream yet?
If we can even call it a vulnerability.

As far as I know the Mac hasn't lost anyone's money, or for that
matter lost anyone's I.D., to date. I haven't heard any Mac users,
at my work, complain about system problems or crashing. When
I see Mac users around my office they're almost always quiet and
busy working with nothing more than a cough coming from that
area. I wish I could say the same about the rest of the company,
but I digress. But it's unfortunate these types of articles have to
exploit a virus that's proof-of-concept only (or even if it is a
virus), as it would almost certainly deter some switchers from
switching.

I use both a Windows machine and a brand spanking new
MacBook (that runs everything), the only issue I have with the
Mac OS is it really doesn't allot memory to certain tasks or appz
very well, other than that it's pretty rock solid.
Posted by ServedUp (413 comments )
Reply Link Flag
More Fun
Yes I agree, it would be a lot more fun for the hackers to exploit the concept, create a hack/virus whatever and release it into the wild so that the Mac world crashes, after all everybody knows that the Mac can't be attacked (I've seen the ads).

Oh and by the way. If I don't read the news the world is really a nice place too.
Posted by rorybaust (17 comments )
Link Flag
Is this apple.com?
IMHO I think that Steve Jobs is not going to show up here. You
might try Apple's forums.
What I can do to get rid of this vulnerability is to restart my mac on
the XP side of bootcamp and I'll be safe.
Thanks for nothing.
Posted by MicroFreak (11 comments )
Reply Link Flag
Security Problem? Mac? What?
What? Macs vulnerable to security issues just like windows? What? Can you repeat that?? SHUT UP ALL YOU MAC FANATICS WHO THINK THAT MACS ARE BETTER THAN WINDOWS.
Posted by explorer5 (31 comments )
Reply Link Flag
Heh
Sorry, I'm not gonna shut up.
Posted by mathue_tax (56 comments )
Link Flag
Get a clue
This requires the user to turn on a feature that is off by default,
then provide an administrator password! The result is just a kernel
panic. No remotely executed code. Unpleasant yes, but hardly a
threat, especially if you're not a complete idiot. Windows systems
on the other hand, continue to be converted into zombies by the
tens of thousands every day.
Posted by Macsaresafer (802 comments )
Link Flag
Clue for you
Macs aren't invulnerable.

Macs are better than windows.

Have a nice day.
Posted by tedk7 (66 comments )
Link Flag
You have to get a clue
and get out of your bubble. I'd like to see a worm/virus made that
can attack a Mac OS X computer without (the Mac OS X) users
intervention. AND not just to a specific driver flaw but to the entire
distribution of computers running Mac OS X. How about some RPC
action? Windows has its ass to the wind and doesn't require any
user intervention to infect unpatched flaws. Oh except for one...
turn the Windows machine on.
Posted by mpitogo (270 comments )
Link Flag
Breaking into my house
Does anyone get sorta creeped out by people whose sole profession
is to break into things? Are there researchers out there publishing
how to pick the locks or overcoming the alarm on my home?
Posted by mathue_tax (56 comments )
Reply Link Flag
As a matter of fact, Yes!
Ever heard of a bump key? Google it. Your home is not safe.
Check out www.toool.nl and click on the english version if you need
to. These guys are good at it.

When you say "sole profession is to break into things" it's creepy. If
you look at it as " testing security systems" it's a career.

Lampie
Posted by lampietheclown (73 comments )
Link Flag
Last line wrong
> The vast majority of security vulnerabilities affect computers running Microsoft Windows.

WRONG!!! There are more vulnerabilities for the Mac than for Windows and Linux together.
It IS true that the vast majority of ATTACKS happen on Windows (for obvious reasons) but the fact that the article writer confuses vulnerabilities with attacks doesn't give me much confidence in the article.
Posted by herby67 (144 comments )
Reply Link Flag
RE: Last line wrong
"WRONG!!! There are more vulnerabilities for the Mac than for
Windows and Linux together."

Would you care to back up that statement? Or are you just
whistling Dixie??? Or to quote Shakespeare "Methinks he doth
protest too much", or something to that effect.
Posted by protagonistic (1868 comments )
Link Flag
LAST MESSAGE WRONG
You think Windows+Linux has fewer vulnerabilities than OSX?

You're on more drugs than Keith Richards.
Posted by tedk7 (66 comments )
Link Flag
Reality
I'm not a security expert. I do not know the ins and outs of
Windows and OS X down to the level necessary to truly
understand this stuff. And I suspect most of the people posting
here also lack this knowledge.

I do know this though. There has never been a significant
security exploit on OS X, and there have been quite a few on
Windows. If security is a concern for you, then that is a reason to
buy a Mac.

Are Macs invulnerable? No. Will they always be free of viruses
and security exploits? Probably Not. Is security something you
currently need to worry about on a Mac? No. Is security
something you will need to worry about in the future on a Mac? I
doubt it. While OS X is not likely to retain a 100% success rate
forever, it will very likely remain much more secure than
Windows for the foreseeable future.
Posted by CBWolf (56 comments )
Reply Link Flag
security on a mac
"Is security something you currently need to worry about on a
Mac? No. Is security something you will need to worry about in
the future on a Mac? I doubt it. "

Even if you live in the safest area in the world, you still close
your door and occasionally feel the need to lock it. If you have
any computer, you should consider the security implications. OS
X has more built in security features of a robust nature than
those in Windows. Does this mean that you should not be alert?
NO. Does this mean that there is absolutely no need for
additional security software? NO. If you didn't need to worry at
all, then apple wouldn't sell antivirus software on their own
website.
If you don't at least set up your system to a good degree of
security, then the result will be down to complacency.
I don't say this because I'm a windows fanboy. Just the opposite
in fact, but because I own a Mac doesn't mean I'm foolish enough
to declare it invincible to the world.
Posted by yikes31 (71 comments )
Link Flag
Will Mac ever be a real popular OS?
Will the Mac OS ever be a real popular OS in the future enough to warrant protection that the other OS's garner (Linux, BSD, Windows, etc)?

You're right. Probably not. But ignoring the problem is irresponsible too. Apple needs to own up to the issue and fix it. Ignoring it and denying that it exists is just inexcusable. I'm sure they will do the right thing and release a patch for this.

Maybe.
Posted by Vegaman_Dan (6683 comments )
Link Flag
A brief correction
"Is security something you currently need to worry about on a
Mac? No."

Well, that all depends on how you choose to define security. Do
you need cultivated paranoia, constantly checking to see that the
sky has not started falling like you do in the Windows world? No.
Do you need vigilance? Yes, of course you do. While there are no
real "exploits" in the traditional sense, there are any number of
social engineering malware scripts, there is the occasional
silliness like W97M.Melissa MS Office macro virus (which DOES
affect macs, though not profoundly) and there are always those
pesky relatives of former Nigerian finance ministers.

Also, just to be nice to those poor souls with Windows, it pays to
be watchful, since, while macs can't currently get any viruses,
they are certainly capable of forwarding them to their Windows
compatriots.
Posted by DeusExMachina (516 comments )
Link Flag
Attack killed my Chia Pet!
Now I know why my Dashboard Chia Pet keeps dying. Damn you,
VXers!
Posted by Chung Leong (111 comments )
Reply Link Flag
Please, Don't Help!
I like Macs, but when I tell someone what kind of computer I use,
they usually look at me like I was at their front door with a bible
and some pamphlets, and you lot are the reason why. Most of
the reasons posted for discounting this "hole" show that the
posters really didn't understand the article, consider the facts, or
click the link to the rest of the story. Someone wrote something
less than flattering about an Apple product, and in come the
Fanboys with their canned rhetoric to drown out the discussion,
not with facts, but with sheer volume. For example...

---"Yeah, a corrupt disk image is bad.
BUT IT REQUIRES A LOCAL ACCOUNT ON THE MACHINE."---

What's your point? That it won't work if no user is logged in?
You can stare at the log in screen all day if you want, but I like to
log in and use my computer. Do you have some way of using
yours without logging into a local account? If you do, we all
want to know how you do it.

---"... the cnet folks may actually be so clueless as to believe
that it is a remote exploit just because the data involved can be
pulled over the network. In which case, all attacks on earth
would be considered "remote"."---

Consider the possibility of using the "corrupt DMG" as a trojan
horse, to install code that allows me to own your computer. I
put the file on my website, and you download it, thinking it's
nude desktops of Steve. When you open it, I own your computer
without ever sitting in front of it. That's a remote exploit.

---"Safari automatically opening files was an issue a LONG time
ago. The default setting for Safari for several years has been to
NOT automatically decode files!"---

All an attacker needs to do is get you to download it. If you'll
download it, you'll open it. Safari not required. Do you have any
idea how easy it is to get huge numbers of people to download
something?

---"Besides, what's the worst that can happen? The system
crashes. Period."---

From the article - "... leading to an exploitable memory
corruption condition with potential kernel-mode arbitrary code
execution by unprivileged users," wrote the researcher, who
goes by the initials "LMH.""

What's worse than the system crashing? Code execution by
unprivileged users.
Do you have some reason to believe that LMH is wrong about
the corruption being exploitable? That would be helpful, and a
valid objection to the article, but you didn't mention it.

---"To be fair. The author may not understand exactly what a
disk image file is."---

Do you understand what a stack overflow is? Are you saying
that a "corrupt" DMG file can't cause one? Are you saying that
memory corruption can't be exploited in OSX? That would be
useful information, if you can back it up, and a valid objection to
the article, but you didn't mention it.

Please stop defending Apple and my favorite OS. It is way more
secure than Microsoft's products, but it's not perfect. It's a
known fact that the most insecure component of any system is a
loose nut behind the keyboard. Based on that, The more you
Fanboys post, the more insecure OSX looks.

I don't know how serious this "hole" will turn out to be. Reports
like this have been popping up ever since OSX was released, but
there are still no serious threats to Mac OSX in the wild.
I know two things. I have no proof that it's not true, and the
Fanboys have offered no proof that it's not true.

In my opinion the headline "Attack code targets zero-day Mac
OS flaw" is a bit over the top, but the point of a headline is to
grab your attention, so it's to be expected that headlines are
sometimes like that.

Fanboys,
When it comes to making Mac Users look bad, you are worse
than the critics. Stop helping!

CBWolf, I agree except for one point. Security IS something Mac
OSX users need to worry about. There is more to security than
code exploits.


Lampie The Clown
Posted by lampietheclown (73 comments )
Reply Link Flag
Re: Please, Don't Help!
I can only repeat my previous statements, but I feel like a tiny
voice shouting with a raging storm overhead.

A disk image file, to the user, is the same as inserting a CD, or
connecting to another drive, except that it is done in memory.

These files are not automatically opened, to my knowledge at all.
You have to download it, and it still will do nothing because the
operating system will request your permission to do so. If it
contains an executable, it will ask you again before opening it.

I, as many others here, fail to see this as an exploitable security
issue. It is not an automatic, secret method to download/
install/run ANY kind of code.

If I create a CD, with an auto-run feature, on pre-Vista Windows,
it will execute. On OSX it will not unless I allow it. I can create
any type of program I want to auto-run. There is nothing wrong
with this, and nothing that dis-allows it. It is an extremely
useful method. Just like about everything else in the world,
someone could create a program to perform a malicious act.

It is not usual for a Mac user to go out and download, and install
from "unknown" or "mysterious" disk images. That would be
stupid, so they/we don't. No more than PC users will take a
mysterious CD image, or physical disk, then load and install it
either.

The story here is bogus, as so many have already tried to
explain. I wish some of you would just show a little bit more
intelligence. This goes for the author of this story as well. I
especially love the catchy title, even though it is B.S.
Posted by Thomas, David (1947 comments )
Link Flag
Put your money where your mouth is
---"If it contains an executable, it will ask you again before
opening it."---

If you open a DMG that is designed to corrupt the memory stack,
it won't ask you anything. The concept is that just opening the
disk image will corrupt the memory. Once the stack is corrupt,
the author can direct the kernel to read and run any code they
wish, at the root level, without permission, and without you
knowing.

You can check this by clicking the link in the article, going to the
blog, and downloading an example of the exploit. If you are
right, you will get a pop up window when you try to mount the
DMG. If LMH is right, your computer will probably crash. The
question is, what code did LMH direct the kernel to run before
the crash?

So how confident are you in your opinion? I tried it on a test
machine, and know what happens. Post what happens when you
open the DMG here after you try it, unless you're not confident
enough in OSX to protect against such bogus threats. By the
way, there is no install, executable, or autorun, just mount the
DMG and see what files are inside. It's no different than
inserting a CD or connecting another drive, right?

Looking forward to your answer.

Lampie
Posted by lampietheclown (73 comments )
Link Flag
No Mac - cannot test
I cannot test. But the feature of Safari was and is a request for trouble.

Mac OS X maintains a special list of "safe" content, which Safari upon clicking on a link would automatically download and launch.

PDF & DMG are all listed as safe. Since the files are pretty complicated, marking them as safe is plain stupid. In fact, I had that feature turned off, so Safari was simply downloading files, but not opening them.
Posted by Philips (400 comments )
Link Flag
More "National Enquirer" headlines from CNET..
CNET Quote: "Vulnerabilities in the Mac OS have been rising,
leading some experts to note that the Macintosh platform is not
impervious to security problems."

And the ONLY OS that IS impervious to security problems
is......????

I thought so..

Come on CNET, let's keep things in perspective. The Mac with a
half dozen or so security problems to Windows hundreds of
thousands. If you're now going to label the Mac as "impervious
to security problems" then you need to openly label Windows as
a "MAJOR SECURITY RISK" and advise readers to avoid Microsoft
products at all costs..!!
Posted by imacpwr (456 comments )
Reply Link Flag
What about Linux then!
Why single out Microsoft? Linux has roughly 3 times the number of security vulnerabilities, and on average they take twice as long to get patched as for Windows.
Posted by richto (895 comments )
Link Flag
Read the story?
I don't think you read the article or misunderstood the words.

They don't mention Windows or Microsoft. Why are you?

Please go back and reread the article. It might help if you read the words this time.
Posted by Vegaman_Dan (6683 comments )
Link Flag
Yeah...
Notice this states if you use Safari. Try Camino or Firefox and I bet this does not happen. You can also just uncheck the open safe downloads pref, and that will take care of that. Still beats the crap out of having "patch days" and people who actually want to attack an OS. Even if it could happen does not mean it will. It's like saying the Earth is vulnerable to alien attack.
Posted by Reverend_Shank (3 comments )
Reply Link Flag
SG1 will protect us
When Earth is attacked by aliens, we'll have the SGC to protect us.

In the mean time, Apple needs to own up to the flaw, issue a patch, and then move on. It's a simple thing. Will they? Let's wait and see.
Posted by Vegaman_Dan (6683 comments )
Link Flag
Social engineering
For those who might be unfamiliar with the idea, here is the risk. People who benefit from or just plain enjoy creating mayhem are not trustworthy or truthful types of individuals. They will lie in order to get you to do something you would not ordinarily do. So in this case you would be incorrectly informed what is on a particular DMG (disk image). Just the act of mounting the DMG file is what causes a problem. It is not necessary to trick you into running someone else's malicious code. Apple's own OS code for mounting DMG files does not handle maliciously formatted DMG files.

It is probably also worth noting this quote from the site reporting this issue:

"Mac OS X fails to properly handle corrupted UDTO HFS+ image structures (ex. bad sectors), leading to an exploitable denial of service condition. Although it hasn't been checked further, memory corruption is present under certain conditions (in this particular case, unlikely to allow arbitrary code execution)."

So even if the adversary manages to lie successfully and get you to try to mount his maliciously ill-formatted DMG file there is no evidence you could experience more than a system crash. Since I can customarily run anything and everything on my Mac for months without a crash or reboot that would be annoying but it would be a poor excuse for an exploit.
Posted by Steve Bryan (92 comments )
Where is that MAC guy
He said they don't get viruses?
Posted by stevenmcs (47 comments )
Virus? - try re-reading the story steve. . .
Nowhere in the article is the word "Virus" mentioned.
You see:
"proof-of-concept code"
"vulnerability"
"flaw"
What exactly is the "Virus" you're talking about steve?
Posted by K.P.C. (227 comments )
MACs
Media Access Controllers Don't get viruses. Neither do macs.
Posted by DeusExMachina (516 comments )
Somewhere being exploited but still shouting they don't get viruses.
Don't you get it? Mac users don't care they have proof-of-concept codes, high-risk vulnerabilities, zero-day flaws, attack codes, attacks and exploits as long as they can say they don't get viruses and we (more than 85% of people who use computers) do.
Posted by Ryo Hazuki (378 comments )
Bad story for Apple finishes as always on CNET
Interesting how every single story that's not that good news for Apple has to finish on a positive side (and the positive side for Apple is not to get positive facts about Apple, but negative facts about Microsoft). It's like it's forbidden to publish bad news about Macs without finishing by saying Windows is (still) worse. Who would say an OS with more than 85% of market share is the most targeted? When will Apple fanboys learn Maths (not Macs) once and for all and admit the facts? It's like someone dies in the USA and at the end of the news it says more people die every day in China, so we're cool. That's some professionalism.
Posted by Ryo Hazuki (378 comments )
The fact is, there are no exploits.
The fact that a corrupt disk image can crash the system is not an exploit. You're desperately trying to make the Mac look as insecure as Windows. Why? It's an exercise in futility.

Here's some math for you: even when someone eventually develops a successful exploit, the ratio of Windows exploits to Mac exploits will be well over 100,000 to 1. What's more, because it will only be one exploit, it will be easy for Apple to patch it quickly, and very likely will affect a very small percentage of Mac users. Admit it, from a security (as well as usability) perspective, it's much better to be a Mac user.
Posted by Macsaresafer (802 comments )
And you know about professionalism?
The reason why most Mac users are defensive about Apple receiving any bad press is that most of the time they have to deal with uninformed Windows users (and I've been in many PC vs. Mac conversations), on how the Mac doesn't have this or doesn't have that, or can't do this or do that. When in hindsight (being a general Windows user myself), the Mac actually does this, that and more! (well, more than I had thought).

Bootcamp & Parallels are the main reason I switched from a PC laptop to a Macbook. In my opinion it really is the only laptop you'll ever need. As for PC towers, they are still cheaper than an average Imac or MacPro unit; hopefully Apple can do something about that. Why? Because I can still easily build a PC tower from top to bottom that's comparable to a MacPro, minus the cool industrial design, which people will pay a premium for.

But I won't elaborate any more than that, 'cause I'm not an Apple salesman and I'm not receiving any of that Ipod-kick-back-money. So Apple will just have to do its own marketing, minus myself. Hehe.

But most Windows users will never know how great a Mac runs because most of them (and I know a lot of anti-Apple Windows users) are comfortable using the one operating system and don't need it for anything else.
Posted by ServedUp (413 comments )
Ummm... No
What you are saying makes sense, but is not correct. OS X, although it is not perfect, was built with security in mind, unlike XP. The UNIX kernel is far superior to that of NT (DOS 2.0) and is far more efficient. Macs have built-in firewalls that ACTUALLY WORK, unlike the Microsoft firewall that occupies gigabytes of valuable hard drive space. If you are trying to say that CNET is biased against Windows, you are looking in the exact opposite direction. Just look at the reviews for the Macbook Pro Core 2 Duo: somehow, the lack of a media card reader costs a laptop 3.6 points!
Make sure you check your facts before speaking
Posted by metalhead11 (47 comments )