14 DAY TRIAL // A post over at PC Tools’ iAntivirus blog reveals that, “A new exploit code has been seen in the wild that attacks Windows, Unix, Linux, and Mac OSX systems.” The company developing antivirus software claims that the exploit itself is rather old-style and short, but effective nonetheless, given this ambitious range of targets.
“It takes advantage of a buffer overflow vulnerability in Sun’s Java Runtime Environment,” PC Tools explains, referring to the exploit in question. “It occurs when a specially crafted file://URL argument is passed to the getSoundbank() function that can allow a remote attacker to execute arbitrary code. PC Tools iAntivirus detects the exploit code as Exploit.OSX.Snid.b in the latest database,” the analysis continues. The bug’s official description is also provided:
Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303.
According to PC Tools, users are highly advised to upgrade to the latest version of Java from Sun Microsystem’s website. Unfortunately for Mac users, this hole cannot be plugged until Apple itself issues a software update for Mac OS X. Until then, iAntivirus will allow Mac users to be protected against threats, PC Tools claims. iAntivirus is designed to provide a comprehensive system scanning and real-time protection to ensure one's Mac remains safe and virus free. The latest version (1.36) supports Mac OS X 10.6 Snow Leopard and requires an Intel processor. It’s a small, 3.5 MB download, while users are required just 15MB of free disk space for the full installation. One user license costs $34.