Re: [Fed-Talk] "More security problems bite Apple"-RNZ
Re: [Fed-Talk] "More security problems bite Apple"-RNZ
- Subject: Re: [Fed-Talk] "More security problems bite Apple"-RNZ
- From: Michael Pike <email@hidden>
- Date: Fri, 24 Feb 2006 13:13:34 -0700
The FIRST thing I did when I got my apple was disable automatic
loading of files. Someone says "wow you could do this", so now he is
an expert?
Lots of idiots in the world man,
Mike
On Feb 24, 2006, at 11:57 AM, email@hidden wrote:
The last sentence of the article states that the loophole by
changing some
preferences....sure would be nice if they stated which ones. I
agree in a Gov
environment it was hard enough to get Macs in lets be proactive
with Fix-its
and info on Security issues. When I heard of the security problem
I went
straight to Apple.com to find out some info and I couldn't find a
thing, I
figured it would be front page information....damage control.
"More security problems bite Apple (http://tvnz.co.nz/view/page/
488120/664776)
Virus attacking Apple Mac PCs found
Feb 23, 2006
Experts have uncovered a serious security bug in the way Apple
software handles
downloaded files.
The flaw could give malicious attackers a back door into Mac
computers if users
visit carefully crafted websites and download booby-trapped files.
Although no attackers were known to be exploiting the bug, experts
said it was
easy to write code to take advantage of the flaw.
Separately, three concept viruses for Apple computers have been
discovered.
The discovery of the bug opens up Apple users to so-called "drive-
by downloads"
that plague users of the Window operating system and are used by
makers of
adware and spyware to install their software on victims' PCs.
Discovered by University of Ulm student Michael Lehn, the loophole
arises
because of the way that Apple's OSX operating handles downloaded
files.
Although OSX displays an icon for files based on the suffix it
finds on the
programme being downloaded i.e. jpg, it uses different criteria to
decide what
to do with these files. This makes it possible to have files look
benign by
labelling them as images but, behind the scenes the operating
system will know
it is dealing with a proper programme and run it as such.
Initially, the flaw was thought only to affect compressed or zipped
files but
the Internet Storm Center said it can be used for any file that
arrives on a
target machine.
So far, no net-based exploits of the bug are known to be in
existence but Apple
is known to be working on a fix for the flaw.
The operating system can also be made secure against the loophole
by changing
some preferences.
Source: RNZ"
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
40gmail.com
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden