Macintosh security tools developer Intego announced Friday that it has identified a "critical" vulnerability in Apple's OS X desktop operating system.
Mac users who thought they didn't have to deal with the security headaches of their Windows counterparts should think again. Macintosh security tools developer Intego announced Friday that it has identified a "critical" vulnerability in the Mac OS X desktop operating system.
Long considered a more secure desktop OS, primarily because it lacked the breadth of Windows and thus was less of a target, OS X has recently come under increasing fire from hackers. Last week, security experts reported two new Mac-focused viruses, one that targets Apple chat users and another that exploits a flaw in Apple's Bluetooth software.
This new problem is a Mac OS X metadata exploit. Intego released a statement explaining that "compressed archives can contain resource forks and HFS metadata stored in an invisible '__MACOSX' folder. Data contained in these resource forks and HFS metadata can mask the real type of a file in the archive, causing shell scripts to execute if users double-click such files."
Intego advises Safari users who have not turned off auto-execution of "safe" files will download the malicious Zip archive, which will then execute. Even if this option is turned off, the Zip archive will download, and a user may double-click it to decompress it, then double-click its contents, causing the file to execute.
Intego also uncovered an additional exploit in which a malicious user can hack a Web site and add a script to a page that generates a Zip archive containing executable code. A user merely needs to visit a Web page to trigger it: The script actually creates the Zip archive; the file itself does not need to be on the hacked server or any other server, meaning that users may go to a Web site where they expect to download legitimate files such as zipped graphics, video or other applications and end up with a potentially dangerous executable.
The company suggests that Safari users uncheck the option Open "safe" files after downloading, found in Safari's General preferences, and Intego also offers VirusBarrier X and X4 solutions that provide protection from this type of file.
In related news, earlier this week, Symantec Security Response confirmed the new vulnerability in the Macintosh OS X version 10.4, rating it as high severity. Symantec also is counseling users to turn off the "Open safe files after downloading option" in their Safari browsers and watch for further information from Apple. The most up-to-date information from the company can be found at http://docs.info.apple.com/article.html?artnum=108009.
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.