The Mac OS X UDIF Memory Corruption Vulnerability apparently can enable a hacker to take control of the Mac kernel.
The advisory, here, said that the problem is caused in the com.apple.AppleDiskImageController software when it handles corrupted DMG images.
Code can be written to cause this memory corruption and also allow nasty code to be run in Apple kernel mode.
The vulnerability applies to fully patched Mac OS X machines and earlier versions may also be affected.
Currently the only cure is to deactivate the option "opening safe files after downloading" in Safari preferences, the advisory said.<<P> Hacks at MacCentral seem to think "highly critical" flaw is nothing to worry about provided that users disable the opening of safe files after downloading. By default, that is not allowed in Safari anyway.
More here. µ
Sign up for INQbot – a weekly roundup of the best from the INQ