Mac OSX vulnerability announced

Paul K · 22-11-2006, 07:04

Quote:

Secunia Advisory: SA23012
Release Date: 2006-11-21
Critical:
Highly critical
Impact: Privilege escalation
DoS
System access
Where: From remote
Solution Status: Unpatched
OS: Apple Macintosh OS X

Quote:

The vulnerability is caused due to an error in com.apple.AppleDiskImageController when handling corrupted DMG image structures. This can be exploited to cause a memory corruption and may allow execution of arbitrary code in kernel-mode.

The vulnerability is reported in a fully patched Mac OS X (2006-11-20). Other versions may also be affected.

Solution:
Deactivate the option "opening safe files after downloading" in the preferences and grant only trusted users access to affected systems.

Just in case anyone might be at risk from this.

Stuart · 22-11-2006, 09:14

22-11-2006, 09:36

anyone mind if I smile smuggly for a bit

Stuart · 22-11-2006, 09:58

No, we can just point you to the loads that have been discovered in Windows since the last Mac one was discovered..

22-11-2006, 10:46

yeah I know but it just goes to show there is no such thing as secure

Stuart · 22-11-2006, 10:51

Always a good thing to to remember...

22-11-2006, 18:15

Ohh ohhhhh ohhh! I was just about to post this news!!!!

Not that I'm smiling and laughing at all you Mac geeks think that you are immune to viruses and security holes....

Ohh how the worm has turned!

You smug Mac users - put that in your pipe and smoke it!!!!!

**Damien** · 22-11-2006, 18:22

Grow Up. We just said its a more secure system. Which it is.