New Zero-Day Mac OS X Flaw
November 22nd, 2006
CNET discusses the exploit here: Attack code targets zero-day Mac OS X flaw
Kernel Fun describes his attack here:
Mac OS X com.apple.AppleDiskImageController fails to properly handle corrupted DMG image structures, leading to an exploitable memory corruption condition with potential kernel-mode arbitrary code execution by unprivileged users.
He is also investigating whether this has actually been used in the wild.
You can see some of the debate about this exploit on a follow-up blog post about the exploit.
Secunia has stated that this exploit is highly critical:
LMH has reported a vulnerability in Mac OS X, which potentially can be exploited by malicious, local users to gain escalated privileges or by malicious people to compromise a vulnerable system.
Secunia has also published the current protective work-around:
Deactivate the option “opening safe files after downloading” in the preferences and grant only trusted users access to affected systems.

November 24th, 2006 at 3:57 pm
So this is why Q has been hiding for the last few days… =P
November 25th, 2006 at 7:49 pm
[…] This is where the tagging support in Google Reader makes me giddy with happiness. Let’s say I’m reading a post by David on the New Zero-Day Mac OS X Flaw. Now I know that my buddy Quinn worships at the altar of Apple, so I leave a comment just to see what response he’s going to give, and then I tag the post with “Commented” by hitting the “t” key and typing in the tag: […]