US follows France in warning on Apple vulnerability


US follows France in warning on Apple vulnerability

Tash Shifrin

An exploit for a security bug in Apple’s Mac OS X operating system could be used to carry out denial of service attacks, the US Computer Emergency Readiness Team (US-CERT) has warned.

The warning follows an advisory notice about the flaw issued by the French Security Incident Response Team last week.

US-CERT warned that a proof-of-concept exploit for the unpatched vulnerability in Mac OS X was publicly available.

“The exploit  targets a flaw in the way that Mac OS X handles disc image structures (DMG files) resulting in memory corruption, causing a  denial of service or possibly arbitrary code execution,” said an advisory posted on the US-CERT website.

Mac users could protect themselves by turning off the default setting that allows “safe” files to automatically open after  downloading.

“We strongly encourage users not to open files from untrusted sources,” US-CERT advised.

Apple machines have been seen as relatively safe from attack, with most malware targeting Windows users. But in September Apple was forced to release a new version of its QuickTime media player to close security holes, while earlier this month, security experts reported a new virus - OSX.Macarena – targeting Macs. The threat level from the virus was “very low” because it did not replicate effectively.

Comment on this article:

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy