Posted on 02/21/2006 7:36:56 AM PST by Senator Bedfellow
A new security vulnerability in Safari has been identified by security experts at Secunia.
The company - which rates the flaw as extremely critical - says that the vulnerability was discovered by a source outside the company, Michael Lehn.
It can be exploited by malicious people to compromise a user's system, it warns.
The vulnerability is caused by an error in the processing of file association meta data (stored in the "__MACOSX" folder) in ZIP archives.
This can be exploited to trick users into executing a malicious shell script renamed to a safe file extension stored in a ZIP archive, Secunia warns.
It can also be exploited automatically by Safari when visiting a malicious website.
The company has released a test users can run to check if their systems have been affected.
The vulnerability has been confirmed on an up-to-date system running Safari 2.0.3 (417.8) and Mac OS X 10.4.5.
Users can mitigate the threat by disabling the "Open safe files after downloading" option in Safari.
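As an added defensive example (not code from the article, Secunia, or Apple), the following Python scanner flags ZIP entries that fit the pattern described above: a safe-looking file extension, a companion entry under "__MACOSX", and a body that begins with a shell shebang. The set of "safe" extensions and the placeholder companion bytes are assumptions, and the sample archive is constructed inline so the script runs offline.

```python
import io
import os
import zipfile

# Illustrative subset of extensions a user (or Safari's auto-open feature)
# would treat as harmless. Assumption: not Safari's actual list.
SAFE_LOOKING = {".jpg", ".jpeg", ".png", ".gif", ".txt", ".pdf"}


def metadata_companions(names):
    """Map each regular entry to its __MACOSX/._<name> companion, if present."""
    companions = {}
    for name in names:
        if name.startswith("__MACOSX/"):
            continue
        head, _, tail = name.rpartition("/")
        comp = "__MACOSX/" + (head + "/" if head else "") + "._" + tail
        if comp in names:
            companions[name] = comp
    return companions


def suspicious_entries(zip_bytes):
    """Return entries whose safe-looking extension hides a script body and
    that carry Finder/file-association metadata in the __MACOSX folder."""
    flagged = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        names = set(zf.namelist())
        for name in metadata_companions(names):
            ext = os.path.splitext(name.rsplit("/", 1)[-1])[1].lower()
            if ext not in SAFE_LOOKING:
                continue
            if zf.read(name)[:2] == b"#!":  # shebang: script, not an image
                flagged.append(name)
    return flagged


def build_sample():
    """Constructed test archive: one text file posing as a JPEG plus a
    genuine-looking PNG, each with a dummy metadata companion (placeholder
    bytes, not a real Finder resource)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("photo.jpg", "#!/bin/sh\necho sample\n")
        zf.writestr("__MACOSX/._photo.jpg", b"\x00" * 8)
        zf.writestr("real.png", b"\x89PNG\r\n\x1a\n")
        zf.writestr("__MACOSX/._real.png", b"\x00" * 8)
    return buf.getvalue()


if __name__ == "__main__":
    print(suspicious_entries(build_sample()))
```

Run it against a downloaded archive by passing the file's bytes to `suspicious_entries`; an empty list means no entry matched the heuristic, not that the archive is clean.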
Does Mail.app attempt to display inline images by default, rather than as attachments? If so, the rather troubling result is that the script may well automatically execute simply by opening a malicious email. Considering how much havoc was caused by Outlook executing whatever script happened to land in the inbox, I'm sure we can imagine the potential for trouble here...
You're welcome.
Well, I'm not a Mac user, so I can't really test this, but one would think that it shouldn't be able to work this way, as a file has to be marked as executable (i.e., chmod 755) in order to run. Images don't need to have the executable bit set to display, so I question whether this tidbit is true. /. is not the best place to get accurate information, but can often point you to a place to look :-)
True. On the other hand, you can gzip it with the executable bit, and when it's unzipped it'll be ready to roll.
True. I'm still kind of unclear about how a particular file gets executed when you are attempting to view an image. Doesn't really affect me anyway :-) I should let the Macheads figure it out. :-)
Re: FireFox ... But, But...
"If you have at least version 1.5, you will be prompted to use the new automated update feature. There are 8 'highly critical' security fixes included with the newest update. Head over to the Firefox site (http://www.mozilla.com/firefox/) to get the latest version of the browser. "
No, it's that PC users are tired of mac users lying about their systems working perfectly to try and show intellectual or class superiority -- or some such thing. And, to a lesser extent, irritation at the emotional attachment most mac users seem to have to their machines such that they get terribly defensive when anyone suggests that anything made by Apple isn't the best.
"Sort of like the morbid folks who watch NASCAR -- hoping for a wreck...."
True, but I just find it amusing how the Mac and Linux folks keep trying to say they have no problems.
http://secunia.com/mac_os_x_command_execution_vulnerability_test/
Doesn't work on my G5... I think this was a vulnerability that was found about two years ago and patched.
I also tested my computer on the test the guy who claims to have discovered its site... didn't work there either. I tested it on five other Macs today... none were vulnerable.
The Secunia variant is just that ... a re-writing of the same-old, same-old. It works the same way the original did two years ago... and adds nothing new.
Why are we seeing these FUD stories about Trojans being called "viruses" and retreads of old, long since patched security issues, popping up this last two weeks? Could it be because Apple is shipping the new Intel Dual Core MacBookPros and a lot of Windows users are seriously looking at purchasing one? Yup... I think that might be it.
It is a retread of an issue that was discovered and fixed two years ago or so. All you Mac users, go ahead and try the vulnerability test... let us know if your calculator pops up. Mine didn't.
I was pinged to this story yesterday and checked my G5 running OSX.4.5 and found it DIDN'T WORK! I decided it was FUD and elected not to post it as it had been reported on February 2nd and got absolutely no notice because it was FUD... but now it has been posted so ...
Basically, it's another Trojan proof of concept.
Just payback for the interminable Windows bashing that goes on. In 23 years of PC using I've had two viruses. One was Melissa, which got past all the best virus scanners for a couple of days. Fortunately it didn't destroy anything.
The other was in a game I downloaded from CNET. Not a virus, but a package of adware. That was the worst. CNET pulled the game after a couple of days.
Macs are perfect. Saint Steve says so.
http://www.versiontracker.com/dyn/moreinfo/macosx/26735
http://www.icab.de/
http://www.caminobrowser.org/
http://www.mac360.com/index.php/mac360/more/why_tera_dumped_safari_and_firefox_the_new_best_mac_browser/
http://www.mac360.com/index.php/mac360/comments/camino_browser_ready_for_mac_prime_time/
We keep saying it because it's true. We h@v3 noooooooooooooooooooooooo pr**bl&mmmssszzzzzzzzzzz. NikNikNikNik waaaaaaaaaaaaaaaaaaaaaa
gloop
I don't remember him ever saying they were perfect. Did he say that?
I just spent two and a half days cleaning spy & adware off a XP machine at work. I have yet to have that experience with a Mac.
Largely on FR by Apple users, actually.
If you think I'm an Apple hater, you're sadly mistaken. I've owned as many Apple products (starting with Apple II+ and have currently the top of the line iPod) as many serious Apple devotees have or do. I just don't drink the kool-aid nor do I have an emotional attachment to a damn computer like the vast majority of Apple users.
I also don't make uninformed assumptions like someone else on this forum obviously did!