News
News
2/24/2006
04:00 PM
Connect Directly
RSS
E-Mail
50%
50%

Mac OS X Comes Under Fire From Hackers

Macintosh security tools developer Intego announced Friday that it has identified a "critical" vulnerability in Apple's OS X desktop operating system.

Mac users who thought they didn't have to deal with the security headaches of their Windows counterparts should think again. Macintosh security tools developer Intego announced Friday that it has identified a "critical" vulnerability in the Mac OS X desktop operating system.

Long considered a more secure desktop OS, primarily because it lacked the breadth of Windows and thus was less of a target, OS X has recently come under increasing fire from hackers. Last week, security experts reported two new Mac-focused viruses, one that targets Apple chat users and another that exploits a flaw in Apple's Bluetooth software.

This new problem is a Mac OS X metadata exploit. Intego released a statement explaining that "compressed archives can contain resource forks and HFS metadata stored in an invisible '__MACOSX' folder. Data contained in these resource forks and HFS metadata can mask the real type of a file in the archive, causing shell scripts to execute if users double-click such files."

Intego advises Safari users who have not turned off auto-execution of "safe" files will download the malicious Zip archive, which will then execute. Even if this option is turned off, the Zip archive will download, and a user may double-click it to decompress it, then double-click its contents, causing the file to execute.

Intego also uncovered an additional exploit in which a malicious user can hack a Web site and add a script to a page that generates a Zip archive containing executable code. A user merely needs to visit a Web page to trigger it: The script actually creates the Zip archive; the file itself does not need to be on the hacked server or any other server, meaning that users may go to a Web site where they expect to download legitimate files such as zipped graphics, video or other applications and end up with a potentially dangerous executable.

The company suggests that Safari users uncheck the option Open "safe" files after downloading, found in Safari's General preferences, and Intego also offers VirusBarrier X and X4 solutions that provide protection from this type of file.

In related news, earlier this week, Symantec Security Response confirmed the new vulnerability in the Macintosh OS X version 10.4, rating it as high severity. Symantec also is counseling users to turn off the "Open safe files after downloading option" in their Safari browsers and watch for further information from Apple. The most up-to-date information from the company can be found at http://docs.info.apple.com/article.html?artnum=108009.

Comment  | 
Print  | 
More Insights
IT's Reputation: What the Data Says
IT's Reputation: What the Data Says
InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government Oct. 20, 2014
Energy and weather agencies are busting long-held barriers to analyzing big data. Can the feds now get other government agencies into the movement?
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and trends on InformationWeek.com
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.