Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Another critical OS X vulnerability

Another critical OS X vulnerability

by Nikola Strahija on February 22nd, 2006 An extremely critical vulnerability in Mac OS X allows malicious attackers to rename any file in ZIP archive to sound safe.


-The vulnerability is caused due to an error in the processing of file association meta data in ZIP archives (stored in the "__MACOSX" folder) and mail messages (defined via the AppleDouble MIME format). This can be exploited to trick users into executing a malicious shell script renamed to a safe file extension stored in a ZIP archive or in a mail attachment, says Secunia in its advisory. Secunia has also published a proof-of concept that confirmed the vulnerability on a fully patched system with Safari 2.0.3 (417.8), Mail 2.0.5 (746/746.2), and Mac OS X 10.4.5.

The one to blame for this vulnerability is Mac OS Finder, which OS X uses to view and organize files. It identifies the files according to the extensions, but runs them based on file permissions.

Safari browser is also vulnerable; because it's by default set to open files, it comes upon on the web.

Security experts think this is only the first instance of the bug. -The attacker doesn't need to send a ZIP archive; the shell script itself can be disguised to practically anything, SANS institute stated.

Apple is still working on a patch. Until one is available, Mac OS X users are advised to disable the "Open safe files after downloading" option in Safari.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »