14 DAY TRIAL // Charlie Miller, a researcher for the Baltimore-based Internet Security Evaluators, has discovered new vulnerabilities in Apple’s Mac operating system, particularly mentioning the Preview application. As many as 30 such critical bugs (20 of which are present in Snow Leopard’s Preview) have been found by the renowned hacker, who plans to unveil his latest research at the CanSecWest security conference in Vancouver, later this year.
Miller’s findings are described in a recent report by Forbes, which mentions, “30 previously unknown critical security vulnerabilities” found by Miller, “20 of which are in Apple's Preview application.” Citing the security expert, the paper reports that, “[Miller has] found 20 different ways that a cybercriminal could hijack the machine of any Mac user tricked into opening an infected PDF--or given that Safari uses the same code as Preview to render PDFs, simply visiting an infected Web page.” The report notes this as a record haul of bugs even for the notorious hacker.
Miller reportedly ran a “fuzzer” program on three applications inside Mac OS X. Initially, the security analyst allegedly found a whopping 1,000 unique ways to make those applications crash. He then had a closer look at what he’d discovered in terms of security bugs, trying to see just how many would allow him to gain control of the program. “The results don't look good for Apple,” Forbes reports, citing the same Charlie Miller. “20 exploitable bugs in Preview compared with either 3 or 4 each in Reader, PowerPoint, and OpenOffice.”
While some may regard this as all-in-a-day’s-work for Miller, the hacker himself was reportedly surprised to find any bugs at all, using the aforementioned method, let alone 20 in a single app. According to the same source, Miller said that, “The high number of bugs shows that companies like Apple still aren't taking basic steps in their own security testing.” His exact words were, “It’s shocking that Apple didn’t do this first. The only skill I’ve used here is patience.” Apple could not be reached for a comment, the paper says.