The Inquirer-Home

Bug found in OSX

Highly Critical
Wed Nov 22 2006, 14:17
SECURITY OUTFIT Secunia said it has found a highly critical flaw in the Mac OSX.

The Mac OS X UDIF Memory Corruption Vulnerability apparently can enable a hacker to take control of the Mac kernel.

The advisory, here, said that the problem is caused in the com.apple.AppleDiskImageController software when it handles corrupted DMG images.

Code can be written to cause this memory corruption and also allow nasty code to be run in Apple kernel mode.

The vulnerability applies to fully patched Mac OS X machines and earlier versions may also be affected.

Currently the only cure is to deactivate the option "opening safe files after downloading" in Safari preferences, the advisory said.<<P> Hacks at MacCentral seem to think "highly critical" flaw is nothing to worry about provided that users disable the opening of safe files after downloading. By default, that is not allowed in Safari anyway.

More here. µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Heartbleed bug discovered in OpenSSL

Have you reacted to Heartbleed?