Mac OS X UDIF disk image critical exploit released
The MoKB (Month of Kernel Bugs) has posted details of a critical flaw in the AppleDiskImageController for Mac OS X, along with a proof-of-concept. The exploit can trigger kernel-mode arbitrary code execution, which means an attacker can run anything they want on your computer with all privileges. According to the MoKB website, "It's been tested on an up-to-date (20-11-2006) Mac OS X installation, running on an Intel 'shipping' Mac".
Since the DMG image structure files can be downloaded and automatically executed as a "safe" file by Safari, it is highly recommended that Mac OS X users deactivate the open after download feature for DMG files. Users should also be wary of manually opening any DMG files.
Talkback
Thank you George
You're welcome!
Drop automatically open "safe" files
automatically executed as a "safe" file by Safari, it is highly
recommended that Mac OS X users deactivate the open after
download feature for DMG files."
Apple please remove this feature, nothing should be considered
safe and this attack vector is repeatedly used!
I guess the definition of "safe" = non-executable
Mmm ...
Just goes to show that common sense is really the best form of security.
As a Mac user, thanks for bringing it to my attention (though I never would allow anything to autorun from a download anyway).
I imagine it's going to get rather loud in here, over the next day or so ...
So you already turned off autoload after the download?
George does not know English very well.
The original text reads as: "...leading to an exploitable memory corruption condition with potential kernel-mode arbitrary code execution by unprivileged users".
My Dictionary gives me the following about potential:
potential adjective a potential source of conflict possible, likely, prospective, future, probable; latent, inherent, undeveloped.
So what makes you so sure, that this exploit can indeed lead to code execution? Please show us your proof.
Kind regards
PS
And yes I think, that the "Open safe files..." option should be turned off by default.
The definition of "is"
Take this article for what it is: a succinct article trying to help protect you as the consumer by alerting you to a possible failure in your chosen system. Leave the parsing to computers.
Best Intentions,
Not quite...
I never autorun downloaded files on any platform. Mac or otherwise. As I said, a little common sense can go a long way.
How do you choose to avoid autodownloading?
I don't use Safari ...
... am I missing the point here?
The suggestion to turn off "open safe files"
saying that malicious code could be downloaded with a jpeg. I
don't know if it comes on or off as the Safari default. Checked
mine just now and it's off but can't remember if I did that or it
came that way.
Ah -- yes . . .
patch some time earlier in the year (I can't remember when -- it
could have been even late last year) and there was a whole dustup
here about it.
I have had mine turned off for ages now. No problems ever.
Thanks
I have fixed 2 of the flaws on different laptops with wireless cards.
But my concern is how long are the people waiting for replies from the vendors before they are releasing these?
Anything under 2 weeks scares me and makes me wonder if they are doing this for the right reasons.
They usually wait a month, maybe more
A Note to George
Thanks for the input. It has been noted, and taken under
advisement. Agenda neutral advisories will penetrate the kool-
aid soaked robes. ABM'ers are not obtuse, we are simply
advocates of a kind of platform affirmative action and a return of
balance to the marketplace.
There has never been a question of Apple's fallibility.
Comparisons allow informed choice however. As Microsoft has
now moved to restrict open source through legal threats, Apple's
IP may be seen as the only option to a Microsoft license. In light
of this, Apple's restrictions of hardware choice will pale in
comparison to the removal of software (OS) choice.
Software is the computer. Would anyone disagree with this? The
issue of hardware diversity has continued to be a bit of a red
herring.
It is possible, that there are now only 2 effective choices of
unencumbered IP, with one choice representing a fraction of the
marketshare. Let's continue to be wary of the kind of
grandstanding that puts that small amount at risk. Apple is not
the enemy. Far from it. The competition benefits us all,
regardless which platform we choose. It's an antidote to a
technological monoculture. The larger issues of market stability
and technical innovation depend on this interplay between
competitors.
Apple users don't want special treatment. They want credibility
for what is a technically accomplished and commercially
competitive OS. Labeling this logic gate "cool" and this other
logic gate "business like" is not helpful. If we are to apply this
technology to our lives we need choices. To understand the
choices we need objective discourse. If 5% of the market has to
shout to reach the din of the other 95% and achieve this
discourse, then that's what we're going to do.
As alternatives to a Windows license dwindle, try to understand
why some level of hyperbole becomes the weapon of choice in a
hopelessly imbalanced war.
WTF?
Oh and btw, regardless of what Microsoft is or isn't doing around Linux. It's still the choice of the smart and informed user.
Take that you smug POS. :)
Wow, I thought this was a professional forum
professional
"Thought", as in past tense? Do you still think that?
I see you want to make a stand.
Apple chooses to control both Hardware and Software, they are offering more of a lock-in than Windows. They are an alternative and appear to provide competition and so I root for them to win any chunk of the market they can get, but as they grow in market share, they will become more and more targeted. Linux is quickly finding the crosshairs on them as they begin to take up the server space.