GFI LANguard Network Security Scanner - Network-wide security vulnerability scanning & fixing - Free version available.
Network Security Software - Sponsored by GFI Network Security.
|
Mac OS X hit with another security hole
Tuesday, 18 May 2004, 14:20 GMT
Another "highly critical" hole has been found in Apple Computer's Mac OS X operating system, which will allow remote system access by getting someone to visit a malicious website. The vulnerability deals with how basic internet elements are addressed in the OS' help facility which allow arbitrary local scripts to be executed on a user's machine. It is also possible to place files in a known location on a system by asking users to download a ".dmg" disc image file. A default browser option in Explorer and Safari will mean a single user click is enough to drive the whole process.
The combination of the two holes, tested and confirmed by security experts Secunia, can allow system access to be achieved "very simply", said Secunia chief technology officer Thomas Kristensen. The holes affect Safari 1.x and Explorer 5.x.
The solution is to change browser options and rename the help URI handler, Kristensen said.
In the past fortnight, controversy has reigned over security vulnerabilities in the Mac OS, with three security companies accusing Apple of downplaying significant security holes twice and leaving their customers at risk of compromise.
Read More at ' '
Back to main page
|
Friday, May 6, 2005
Network Security
Wireless Security
InfoSec Directory
Press Releases
|
