Exploit Released for Unpatched Mac OS X Bug


The "Month of Kernel Bugs strikes again. At the beginning of the month, a security researcher known only as LMH started the project to highlight unpatched flaws that are so severe that malicious attackers could use them to completely subvert the security of vulnerable computers. On Monday, the project's curator released instructions for targeting a serious flaw in the way Mac OS X systems processes certain types of files.

This particular exploit targets a vulnerability in the way that most Macs process files ending in ".DMG", a file type commonly encountered when Mac users download a software install. Clicking on the proof-of-concept DMG file listed on the MoKB homepage with a brand new Mac OS X 10.4.8 installation caused the system to throw up a prompt telling me that I needed to restart my computer by holding down the power button or restarting the machine. Exploit Released for Unpatched Mac OS X Bug - Security Fix

Linked by shanmuga Wednesday, 22nd November 2006 2:01AM