Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Zero-Day Exploit Turns Up Heat On Mac OS X

An exploit for the recenty-disclosed zero-day vulnerability in Apple Computer's Mac OS X has gone public, security vendors said Thursday, increasing the risk that the bug will be used by attackers.

Code has been posted to the Metasploit Project site, which rolls out exploit modules for its Framework tool on a regular basis. The code targets the so-called "Safe file" flaw in Apple's Safari browser.

The exploit, which was crafted by someone identified as "HD Moore," who has been credited with other exploits posted for Metasploit's Framework, uses a malicious ZIP file containing a shell script.

"[This] targets a vulnerability in the Safari Web browser 'Safe file' feature, which will automatically open any file with one of the allowed extensions," said Symantec in a warning to customers of its DeepSight Threat Management System. "A malicious user may provide a crafted archive file which contains shellcode to be executed on the browser's system."

Symantec repeated advice from earlier this week that Mac administrators should disable the "Open Safe Files" feature in Safari.

  • 1