US follows France in warning on Apple vulnerability

An exploit for a security bug in Apple’s Mac OS X operating system could be used to carry out denial of service attacks, the US Computer Emergency Readiness Team (US-CERT) has warned.

An exploit for a security bug in Apple’s Mac OS X operating system could be used to carry out denial of service attacks, the US Computer Emergency Readiness Team (US-CERT) has warned.

The warning follows an advisory notice about the flaw issued by the French Security Incident Response Team last week.

US-CERT warned that a proof-of-concept exploit for the unpatched vulnerability in Mac OS X was publicly available.

“The exploit  targets a flaw in the way that Mac OS X handles disc image structures (DMG files) resulting in memory corruption, causing a  denial of service or possibly arbitrary code execution,” said an advisory posted on the US-CERT website.

Mac users could protect themselves by turning off the default setting that allows “safe” files to automatically open after  downloading.

“We strongly encourage users not to open files from untrusted sources,” US-CERT advised.

Apple machines have been seen as relatively safe from attack, with most malware targeting Windows users. But in September Apple was forced to release a new version of its QuickTime media player to close security holes, while earlier this month, security experts reported a new virus - OSX.Macarena – targeting Macs. The threat level from the virus was “very low” because it did not replicate effectively.

Comment on this article: computer.weekly@rbi.co.uk

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Hackers and cybercrime prevention

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

  • Dissecting the Hack

    In this excerpt from chapter three of Dissecting the Hack: The V3RB0TEN Network, authors Jayson E. Street, Kristin Sims and Brian...

  • Digital Identity Management

    In this excerpt of Digital Identity Management, authors Maryline Laurent and Samia Bousefrane discuss principles of biometrics ...

  • Becoming a Global Chief Security Executive Officer

    In this excerpt of Becoming a Global Chief Security Executive Officer: A How to Guide for Next Generation Security Leaders, ...

SearchNetworking

SearchDataCenter

SearchDataManagement

Close