Network Computing is part of the Informa Tech Division of Informa PLC
Mac OS X Suffers From "Critical" Flaw
Several security companies warned users of a critical vulnerability in Apple Computer's OS X Tuesday that could let attackers cripple a Mac simply by duping them into visiting a malicious Web site.
Apple confirmed the vulnerability hours later. "We're working on a fix so
that this doesn't become something that could affect customers," a spokesman
for the Cupertino, Calif.-based company said.
ZIP files are considered safe by OS X, but by tweaking the archive file, attackers could pack a ZIP with malicious scripts that the Mac would automatically run, said German firm Heise Security, one of the first to publish an advisory.
The bug, noted Heise, could be invoked without user interaction via the bundled Safari browser and its default setting of "Open Safe Files after downloading."
"Problems ensue if a shell script is stored into a ZIP archive without the so-called 'shebang line,'" wrote Heise in its advisory. "If this line is omitted, Safari no longer recognizes the content as potentially dangerous and executes shell commands without a confirmation prompt."
Recommended For You
What skills do network managers really need to properly secure industrial networks? What new protocols, frameworks, and regulations are important? And what conferences and certifications can help? Here are five tips to get started.
A full-stack approach to retail edge offers retailers a way to optimize operations and adapt to changes in a post-pandemic world.
Network management tool sprawl is getting in the way of network management. It’s time for IT to do something about it.