Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

It gets worse – OS X vulnerability

February 21st 2006 in Uncategorized

Update: ICSAN says it is worse than first though:
http://isc.sans.org/diary.php?storyid=1138


“This actually looks more serious then we initially thought it is. The workaround specified above will prevent Safari from automatically executing the PoC file, but it looks like your machine is still vulnerable and it doesn’t need Safari to run this file at all.”


Original blog article:
http://msmvps.com/blogs/spywaresucks/archive/2006/02/21/84348.aspx


Edit: Secunia have caught up 🙂
http://secunia.com/advisories/18963/


Comments are closed.

Richard Harper spotted this little nasty and sent a heads-up to a mailing list I monitor ….
http://www.heise.de/english/newsticker/news/69862
“The demo attempts to open a Terminal window to display the contents of a folder.  If you are running Mac OS X in its standard configuration and use Safari, the window will open without waiting for a prompt. The […]

Previous Entry

It happens every time a new version of Internet Explorer is released… Web sites break.
Why do they break? Because the sites are coded to detect up to a certain version of IE.  Anything newer than whatever browser version was public at the time a site was coded is either rejected out of hand, or served a CSS script […]

Next Entry

Archives