An exploit for a security bug in Apple’s Mac OS X
operating system could be used to carry out denial of service
attacks, the US Computer Emergency Readiness Team (US-CERT) has
warned.
The warning follows an advisory notice about the flaw issued by
the French Security Incident Response Team last week.
US-CERT warned that a proof-of-concept exploit for the unpatched
vulnerability in Mac OS X was publicly available.
“The exploit targets a flaw in the way that Mac OS X handles
disc image structures (DMG files) resulting in memory corruption,
causing a denial of service or possibly arbitrary code execution,”
said an advisory posted on the US-CERT website.
Mac users could protect themselves by turning off the default
setting that allows “safe” files to automatically open after
downloading.
“We strongly encourage users not to open files from untrusted
sources,” US-CERT advised.
Apple machines have been seen as relatively safe from attack,
with most malware targeting Windows users. But in September Apple
was forced to release a new version of its QuickTime media player
to close security holes, while earlier this month, security experts
reported a new virus - OSX.Macarena – targeting Macs. The threat
level from the virus was “very low” because it did not replicate
effectively.
Comment on this article:
computer.weekly@rbi.co.uk