04:00 PM
Connect Directly
Repost This

Mac OS X Comes Under Fire From Hackers

Macintosh security tools developer Intego announced Friday that it has identified a "critical" vulnerability in Apple's OS X desktop operating system.

Mac users who thought they didn't have to deal with the security headaches of their Windows counterparts should think again. Macintosh security tools developer Intego announced Friday that it has identified a "critical" vulnerability in the Mac OS X desktop operating system.

Long considered a more secure desktop OS, primarily because it lacked the breadth of Windows and thus was less of a target, OS X has recently come under increasing fire from hackers. Last week, security experts reported two new Mac-focused viruses, one that targets Apple chat users and another that exploits a flaw in Apple's Bluetooth software.

This new problem is a Mac OS X metadata exploit. Intego released a statement explaining that "compressed archives can contain resource forks and HFS metadata stored in an invisible '__MACOSX' folder. Data contained in these resource forks and HFS metadata can mask the real type of a file in the archive, causing shell scripts to execute if users double-click such files."

Intego advises Safari users who have not turned off auto-execution of "safe" files will download the malicious Zip archive, which will then execute. Even if this option is turned off, the Zip archive will download, and a user may double-click it to decompress it, then double-click its contents, causing the file to execute.

Intego also uncovered an additional exploit in which a malicious user can hack a Web site and add a script to a page that generates a Zip archive containing executable code. A user merely needs to visit a Web page to trigger it: The script actually creates the Zip archive; the file itself does not need to be on the hacked server or any other server, meaning that users may go to a Web site where they expect to download legitimate files such as zipped graphics, video or other applications and end up with a potentially dangerous executable.

The company suggests that Safari users uncheck the option Open "safe" files after downloading, found in Safari's General preferences, and Intego also offers VirusBarrier X and X4 solutions that provide protection from this type of file.

In related news, earlier this week, Symantec Security Response confirmed the new vulnerability in the Macintosh OS X version 10.4, rating it as high severity. Symantec also is counseling users to turn off the "Open safe files after downloading option" in their Safari browsers and watch for further information from Apple. The most up-to-date information from the company can be found at

Comment  | 
Print  | 
More Insights
The Agile Archive
The Agile Archive
When it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.