/>
X
Business

Mac OS X UDIF disk image critical exploit released

The MoKB (Month of Kernel Bugs) has posted details of a critical flaw in the AppleDiskImageController for Mac OS X along with the proof-of-concept.  This exploit can trigger kernel-mode arbitrary code execution which means the attacker can run anything they want on your computer with all privileges.
george-ou.jpg
Written by George Ou on

The MoKB (Month of Kernel Bugs) has posted details of a critical flaw in the AppleDiskImageController for Mac OS X along with the proof-of-concept.  This exploit can trigger kernel-mode arbitrary code execution which means the attacker can run anything they want on your computer with all privileges.  According to the MoKB website, "It's been tested on an up-to-date (20-11-2006) Mac OS X installation, running on an Intel 'shipping' Mac".

Since the DMG image structure files can be downloaded and automatically executed as a "safe" file by Safari, it is highly recommended that Mac OS X users deactivate the open after download feature for DMG files.  Users should also be wary of manually opening any DMG files.

Editorial standards

Related

How to use your phone to diagnose your car's 'check engine' light
BlueDriver Bluetooth dongle

How to use your phone to diagnose your car's 'check engine' light

Google Play malware: If you've downloaded these malicious apps, delete them immediately
a-man-sitting-in-his-living-room-looking-at-his-smartphone-with-concern

Google Play malware: If you've downloaded these malicious apps, delete them immediately

Safeguard your iPhones, iPads and Macs: Apply these security updates now
Locked iPhone in front of Mac

Safeguard your iPhones, iPads and Macs: Apply these security updates now