Posted on 06/30/2006 12:05:19 AM PDT by Swordmaker
Attack code that exploits a flaw in Apple Computer's Mac OS X was publicly released Wednesday, increasing the urgency to patch.
The code's arrival comes just a day after Apple made an update available for its operating system. The malicious program takes advantage of a locally exploitable vulnerability in an operating system component called "launchd".
"Attackers may exploit this issue to execute arbitrary code with elevated privileges," Symantec said in a security alert to customers that was updated on Thursday.
On Tuesday, Apple delivered Mac OS X 10.4.7. The operating system update repairs a total of five flaws. Four of them affect both the client and server versions of Mac OS X. The other, in the ClamAV antivirus software, has an impact on the server release only.
Apple is recommending that people install all updates when they're issued to keep their software fully up to date, a company representative said Thursday.
"This proof of concept was fixed in Tuesday's Mac OS X 10.4.7 update," the representative said, referring to the ability for the exploit code to run.
The exploit was created by Kevin Finisterre, a security researcher at Digital Munition. Earlier this year, Finisterre created the Inqtana worm, which targets Mac OS X and spreads using an 8-month-old vulnerability in Apple's Bluetooth software. He has said his work is meant in part to demonstrate that Apple software is not unbreakable.
Apple users can download Mac OS X 10.4.7 through Software Update or the standalone installer. Typically, the Mac OS automatically checks for updates once a week.
Separately on Thursday, Apple put out iTunes 6.0.5, an update that it said fixes a security problem that could be used in a denial-of-service attack or let an intruder run code on vulnerable systems.
"The AAC file parsing code in iTunes versions prior to 6.0.5 contains an integer overflow vulnerability," the company said on its security Web site. "Parsing a maliciously-crafted AAC file could cause iTunes to terminate or potentially execute arbitrary code. iTunes 6.0.5 addresses this issue by improving the validation checks used when loading AAC files."
The iTunes vulnerability affects Mac OS X versions 10.2.8 or later and Microsoft Windows XP and 2000, Apple said.
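Apple's note above describes the bug class without showing it. The following is an added illustration, written for this page and not iTunes code: a count field read from an untrusted file is multiplied by a fixed entry size in 32-bit arithmetic, the product wraps, and a bounds check that should fail passes. The table layout (a 4-byte big-endian count followed by 12-byte entries), the function names and the crafted count are all assumptions made for the example; the hardened version shows the "improved validation check" pattern of bounding the count before any multiplication.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed illustration of an integer overflow in file parsing. Not iTunes
 * code; the layout is invented: a 4-byte big-endian entry count followed by
 * entry_count entries of ENTRY_SIZE bytes each. */

#define ENTRY_SIZE 12u   /* hypothetical fixed entry size */

typedef struct {
    int accepted;          /* 1 if the parser would proceed to read the table */
    uint32_t entry_count;  /* count field as read from the file */
    uint64_t bytes_needed; /* true size of the table, computed without wrapping */
} table_check;

static uint32_t read_be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

static void write_be32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}

/* Vulnerable: entry_count * ENTRY_SIZE is evaluated in uint32_t. For
 * entry_count = 0x15555556 the product is 0x100000008, which wraps to 8, so a
 * 12-byte file passes the check; a caller that then loops entry_count times
 * walks far beyond the buffer (crash, or memory corruption if it writes). */
table_check check_table_vulnerable(const uint8_t *buf, size_t len) {
    table_check r = {0, 0, 0};
    if (len < 4) return r;
    r.entry_count = read_be32(buf);
    r.bytes_needed = (uint64_t)r.entry_count * ENTRY_SIZE;
    uint32_t table_bytes = r.entry_count * ENTRY_SIZE;   /* may wrap */
    if (table_bytes <= len - 4) r.accepted = 1;
    return r;
}

/* Hardened: bound the count by what the remaining bytes can actually hold
 * before multiplying, so no intermediate value can wrap. */
table_check check_table_fixed(const uint8_t *buf, size_t len) {
    table_check r = {0, 0, 0};
    if (len < 4) return r;
    r.entry_count = read_be32(buf);
    r.bytes_needed = (uint64_t)r.entry_count * ENTRY_SIZE;
    size_t remaining = len - 4;
    if (r.entry_count > remaining / ENTRY_SIZE) return r;  /* rejected */
    r.accepted = 1;
    return r;
}

/* Builds a constructed file of file_len bytes (at most 4 + 2 entries) with the
 * given count field and runs one of the two checks on it. */
table_check run_case(uint32_t count, size_t file_len, int hardened) {
    uint8_t file[4 + 2 * ENTRY_SIZE] = {0};
    if (file_len > sizeof file) file_len = sizeof file;
    write_be32(file, count);
    return hardened ? check_table_fixed(file, file_len)
                    : check_table_vulnerable(file, file_len);
}

int main(void) {
    /* Crafted input: count whose 32-bit product wraps to 8 over a 12-byte file. */
    table_check v = run_case(0x15555556u, 12, 0);
    table_check f = run_case(0x15555556u, 12, 1);
    printf("crafted count=0x%08x needs %llu bytes: vulnerable accepted=%d, fixed accepted=%d\n",
           v.entry_count, (unsigned long long)v.bytes_needed, v.accepted, f.accepted);
    /* Benign input: two real entries, accepted by both versions. */
    table_check b = run_case(2, 4 + 2 * ENTRY_SIZE, 1);
    printf("benign count=%u: fixed accepted=%d\n", b.entry_count, b.accepted);
    return 0;
}
```

The fixed check divides instead of multiplying: a count is only acceptable if it is no larger than remaining / ENTRY_SIZE, which can never wrap, whereas count * ENTRY_SIZE in a 32-bit type silently does.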
"This proof of concept was fixed in Tuesday's Mac OS X 10.4.7 update," the representative said, referring to the ability for the exploit code to run.
Another "Proof of Concept" for an already patched flaw...
Earlier this year, Finisterre created the Inqtana worm, which targets Mac OS X and spreads using an 8-month-old vulnerability in Apple's Bluetooth software.
Finisterre is really quite good at exploiting flaws... after Apple points them out and has patched them. The Bluetooth flaw was fixed MONTHS before Finisterre claimed to find it...
PING!
What's the fix for this? Upgrade to OS X 10.4.7...
If you want on or off the Mac Ping List, Freepmail me.
Ok, son is away, what do I do?? I am up to 10.4
First of all, there is nothing to worry about.
There is no malicious malware out in the wild. This was merely a proof of concept that showed a computer cracker COULD, if he were sitting at your machine, force the computer to execute a malicious application HE had already placed on your computer (because he was sitting at your machine and knows your administrator user name and password) by overflowing the stack and inserting an order to jump to the start of the software he had installed. I think it would be easier to merely double click on the installed app... since, after all, he IS sitting right at your keyboard and has your mouse in hand.
Secondly, if you do not know your son's administrator password for the computer, you will have to wait for him to come home.
If you do know them, and he has given you permission to upgrade, then simply click on the blue Apple on the menu bar and select "Software Update" and let the computer upgrade itself. You will have to put in the Administrator name and password when asked. It will update you to 10.4.7 and close the loophole. Just follow the prompts.
Thanks, actually it's my admin password, it's my Minnie. (name of computer) Son just is a know-it-all. (literally and figuratively!)
I'm doing it now and THANKS.