News

US follows France in warning on Apple vulnerability

Tash Shifrin

An exploit for a security bug in Apple’s Mac OS X operating system could be used to carry out denial of service attacks, the US Computer Emergency Readiness Team (US-CERT) has warned.

The warning follows an advisory notice about the flaw issued by the French Security Incident Response Team last week.

US-CERT warned that a proof-of-concept exploit for the unpatched vulnerability in Mac OS X was publicly available.

“The exploit  targets a flaw in the way that Mac OS X handles disc image structures (DMG files) resulting in memory corruption, causing a  denial of service or possibly arbitrary code execution,” said an advisory posted on the US-CERT website.

Mac users could protect themselves by turning off the default setting that allows “safe” files to automatically open after  downloading.

“We strongly encourage users not to open files from untrusted sources,” US-CERT advised.

Apple machines have been seen as relatively safe from attack, with most malware targeting Windows users. But in September Apple was forced to release a new version of its QuickTime media player to close security holes, while earlier this month, security experts reported a new virus - OSX.Macarena – targeting Macs. The threat level from the virus was “very low” because it did not replicate effectively.

Comment on this article: computer.weekly@rbi.co.uk


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy