No matter if it's about Linux, Mac OS, Windows or Solaris, absolute security doesn't exists yet, since all these are creations of
the human brain, and none of them is perfect. Anyway, let's leave the rest behind and get back to our Mac's operating system and another security flaw that has been discovered these days...
This time, it's an independent vulnerability analyst that screams "danger", and he has a good reason. This guy is working as part of the "Month of Kernel Bugs" campaign and he made public the way to this new OS X hole on Nov. 22. The problem isn't really complicated, since the researcher known only as "LMH" wrote that "Mac OS X fails to properly handle corrupted image structures, leading to an exploitable denial of service condition".
As usual, Apple representatives didn't make any comments regarding this issue, although Secunia classified this exploit as being "highly critical", and this is the second most severe threat ranking. Although this exploit can be used by local users, malware writers can use it too, in order to compromise the security of a vulnerable system.
The reason of the vulnerability I am talking about here is "an error in the OS X AppleDiskImageController when the system is handling corrupted image files and can be exploited to cause a memory corruption", stated Secunia.
The Month of Kernel Bugs isn't hunting only OS X vulnerabilities, since this is an effort that tries to expose all known vulnerabilities of the main existing operating system kernels. Earlier this month, Symantec highlighted the ever increasing number of holes that keep being discovered in Apple's software, and this is one unfortunate way to bring Microsoft and Apple closer...
The good part about this whole business is that, at this time, hackers' attacks on Apple systems were less aggressive then those targeting Windows systems, although exploiting OS X vulnerabilities doesn't seem to be much more or less difficult, so all there is to do now is keep your finger crossed and hope you're not the next target, at least until the existing problems are fixed...
Find us on Google+
No user comments yet.
Be the first to express your opinion!
