Nasty Security Hole Discovered in OS X
Thursday, 20 May 2004 17:57

Wired reports on a serious security hole in Mac OS X today. The vulnerability permits a person to design a web page that can run programs or execute AppleScript or Unix command line code on your computer.

Such code could be used for any number of nefarious purposes. Possible exploits include changing permissions to lock you out of your own data, uploading your confidential files and personal information to a hacker's server, or deleting whole directories. The attacker's code is limited by the permissions of the user who is logged in at the time, so unless you log in as root most of your system files will be immune from deletion, but it is not difficult to come up with a scenario where enough damage is done to make a system unbootable.

This is the first time that OS X has shown a vulnerability of this order -- such vulnerabilities are common in Microsoft's Windows operating systems.

Secunia, a Danish security company, announced the vulnerability on Tuesday, rating it extremely critical. Until that warning was issued, there was very little public notice of the problem. The vulnerability was first discovered and reported to Apple in February, but Apple has failed to address the issue with a security update and some exploits have begun to turn up on the web.

The exploits work by executing code through the Help Viewer application under any version of Mac OS X. The Help Viewer is launched remotely by either of two protocols, "help" and "disk." Benign examples may be found on this web site:
http://bronosky.com/pub/AppleScript.htm
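
As an added illustration (not code from the original article), the Python sketch below scans saved HTML for URLs that use the two schemes named above, which is one way to check a page or a proxy capture before opening it. The names `scheme_of`, `SchemeScanner` and `scan` are assumptions made for this example, and the sample page is constructed with placeholder URL bodies.

```python
import re
from html.parser import HTMLParser

RISKY_SCHEMES = {"help", "disk"}               # the two schemes the article names
URL_ATTRS = {"href", "src", "data", "action"}  # attributes that carry a URL
_SCHEME = re.compile(r"([a-z][a-z0-9+.\-]*):", re.IGNORECASE)
_REFRESH = re.compile(r"url\s*=\s*['\"]?([^'\";]+)", re.IGNORECASE)

def scheme_of(url):
    """Return the lower-cased scheme of url, or None if it is relative."""
    # Browsers drop tabs/newlines and surrounding whitespace before parsing.
    m = _SCHEME.match(re.sub(r"[\t\r\n]", "", url).strip())
    return m.group(1).lower() if m else None

class SchemeScanner(HTMLParser):
    """Records (line, tag, attribute, scheme) for every help:/disk: URL."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if not value:
                continue
            if tag == "meta" and name == "content":
                m = _REFRESH.search(value)       # e.g. content="0; url=..."
                value = m.group(1) if m else ""
            elif name not in URL_ATTRS:
                continue
            scheme = scheme_of(value)
            if scheme in RISKY_SCHEMES:
                self.findings.append((self.getpos()[0], tag, name, scheme))

def scan(html):
    scanner = SchemeScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample page; URL bodies are placeholders, not working payloads.
SAMPLE = """<html><head>
<meta http-equiv="refresh" content="0; url=DISK:placeholder">
</head><body>
<a href="http://example.com/help">ordinary link</a>
<a href=" Help:placeholder">padded, mixed case</a>
<a href="/disk:not-a-scheme">relative path</a>
</body></html>"""
```

Calling `scan(SAMPLE)` flags the meta refresh on line 2 and the padded, mixed-case link on line 5, and ignores the ordinary and relative links.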


There Is A Fix

Any user should be able to make their system immune to this kind of attack with ease. It is done by changing the default application that runs when the "help" or "disk" protocols are used on a web page. A free application called More Internet makes the process simple and intuitive. More Internet is a Preference Pane that lets you designate which application handles each internet protocol. I set it to launch TextEdit on my Mac. I had to create a new record for the "disk" protocol with More Internet under Panther (Mac OS X 10.3), but that was done in just a few seconds. After using More Internet, my system is no longer vulnerable to this attack.
