Rating it "Critical", Secunia has validated the exploit, originally posted by LMH via MoKB (Month of Kernel Bugs). "This issue is remotely exploitable as Safari loads DMG files from external sources (ex. visiting an URL). This can be prevented by changing the Preferences and deactivating the functionality for 'opening "safe" files after downloading'."
LMH has reported a vulnerability in Mac OS X, which potentially can be exploited by malicious, local users to gain escalated privileges or by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error in com.apple.AppleDiskImageController when handling corrupted DMG image structures. This can be exploited to cause a memory corruption and may allow execution of arbitrary code in kernel-mode.
The vulnerability is reported in a fully patched Mac OS X (2006-11-20). Other versions may also be affected.
News source: Secunia
News source: MoKB Submission
LMH has reported a vulnerability in Mac OS X, which potentially can be exploited by malicious, local users to gain escalated privileges or by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error in com.apple.AppleDiskImageController when handling corrupted DMG image structures. This can be exploited to cause a memory corruption and may allow execution of arbitrary code in kernel-mode.
The vulnerability is reported in a fully patched Mac OS X (2006-11-20). Other versions may also be affected.
News source: Secunia News source: MoKB Submission
Normally, I hear "OSX is more secure than Windows". And there are certainly less exploits for it.
The only ones I ever hear say "infallible" are pathetic trolls... Now, go away until you learn to discuss things reasonably.
However, obnoxious can often be found in all upper-case posts that state absurdly extreme viewpoints.
Is OSX more secure or less exploited due to how small it's market share is??
However, some like to draw the conclusion from that if OSX marketshare was 90%, like Windows, then it would be just as exploited as Windows. And that is something that no one can be sure of, because software problems/exploits aren't driven by marketshare.
Plus, looking at it, either way you look at it (whether Unix-based security and better default settings, or marketshare) currently OSX is a lot better off security wise. And I look forward to a time when there is more than one OS that people consider when buying a PC. Microsoft needs competition from someone so they can keep on their toes and not become lazy.
However, obnoxious can often be found in all upper-case posts that state absurdly extreme viewpoints.
Clearly, Kushan is a moron without a bit of common understanding. The only thing he could afford is to pirate a copy of XP, as he doesn't have money to buy a Mac or knowledge to use Linux. Now, he can use CAPSLOCK proficiently, that's for sure. Just ignore the troll.
Actually he was being sarcastic, wasn't that hard to understand really, especially how he was so way over the top about it.
YOU however are being a troll. and a belittering insulting one at that. but I guess it helps to make yrouself seem just a little bit better than anyone else.
And for the record, yes I have hear Mac users claimthe infallibility of MacOS frequently. especially ion discussion regarding how MacOS don't get attack ebcause of the small target group and such, you frequently get the "No it's just not possible to write viruses/worms/exploits for Mac" group of people.
Normally, I hear "OSX is more secure than Windows". And there are certainly less exploits for it.
The only ones I ever hear say "infallible" are pathetic trolls... Now, go away until you learn to discuss things reasonably.
HAH!
The source of all the comments about INFALLIBLE security on OS/X comes straight from Apple and their bull**** ads.
Last edited by Joel on 22 Nov 2006 - 21:51
The source of all the comments about INFALLIBLE security on OS/X comes straight from Apple and their bull**** ads.
I take it you are referring to the "Viruses" ad? http://movies.apple.com/movies/us/apple/ge...ses_480x376.mov
Perhaps you can point to where they mention infallible security? I don't think you can, since they don't. They clearly point out the estimated number of viruses for PCs. Maybe you twist that around in your head in such a way that you think Apple says they are "infallible"? If so, I truly feel sorry for your ability to comprehend and think critically.
Last edited by Joel on 22 Nov 2006 - 21:52
However, obnoxious can often be found in all upper-case posts that state absurdly extreme viewpoints.
Clearly, Kushan is a moron without a bit of common understanding. The only thing he could afford is to pirate a copy of XP, as he doesn't have money to buy a Mac or knowledge to use Linux. Now, he can use CAPSLOCK proficiently, that's for sure. Just ignore the troll.
Actually he was being sarcastic, wasn't that hard to understand really, especially how he was so way over the top about it.
YOU however are being a troll. and a belittering insulting one at that. but I guess it helps to make yrouself seem just a little bit better than anyone else.
And for the record, yes I have hear Mac users claimthe infallibility of MacOS frequently. especially ion discussion regarding how MacOS don't get attack ebcause of the small target group and such, you frequently get the "No it's just not possible to write viruses/worms/exploits for Mac" group of people.
Of course I am a troll, for what do I know, eh? I can say the same thing about those Mac users claiming infallibility of MacOS X, and POSTING JUNK LIKE THAT is a sign of the lack of online etiquette - as Mark said, 'obnoxious can often be found in all upper-case posts that state absurdly extreme viewpoints'. So whatever appeals to you, kind sir.
http://www.ctrlaltdel-online.com/comic.php?d=20060513
Yes because you'd never had weird key sequences on a mac.. er.. hang on
http://blogs.technet.com/security/archive/...ity-trends.aspx
Check out the "Figures 7a and 7b: Platform vulnerabilities by percentage and by count thru September"...
I am not saying that it is brand new information but it puts it into light: that time for OS X is alredy here. Apple is still enjoying the remaining "it is much more secure" sentiment but as time goes on, it will wear off as more and more people learn to live with the reality.
http://projects.info-pull.com/mokb/MOKB-20-11-2006.html
One or two exploits that are usually patched quickly do not make an OS the most exploitable piece of software in the world.
Windows Firewall (included with...Windows) and Windows Defender (A free download for... yes, Windows) will protect your PC as much as you get with a Mac. And yes, straight out of the box. If you want anti-virus for Mac you have to buy it. If you want it for PC you have to buy or download it.
Or, just don't open crap in e-Mail and the Internet or share files and it's not really a problem.
The illusion that Macs are "safer out of the box" while Windows isn't is just a Mac Fanboy's fantasy.
Dream on, fanboys.
Windows Firewall (included with...Windows) and Windows Defender (A free download for... yes, Windows) will protect your PC as much as you get with a Mac. And yes, straight out of the box. If you want anti-virus for Mac you have to buy it. If you want it for PC you have to buy or download it.
Or, just don't open crap in e-Mail and the Internet or share files and it's not really a problem.
The illusion that Macs are "safer out of the box" while Windows isn't is just a Mac Fanboy's fantasy.
Dream on, fanboys.
Just to clear up the confusion....
Windows Defender is NOT an Anti Virus. Windows Firewall? I'd rather have Zone Alarm or and hardware firewall. To say that windows (It's my OS of choice, since I do a bit of gaming) is "safer" out of the box is not an accurate statement. Why would you need an anti-virus for a Mac? Tell me how many virsus' for Windows vs. Mac. Tell me the ratio. Please. I'd really like to see it. I'd also like to know how I'm a "fanboy" since I use XP, Vista, and OS X. They all have advantages and disadvantages. I try to keep it civil and not resort to name calling, but in this case.. YOU sound like the fanboy. Get your facts in line sir. You need to do a bit of research. :-)
I know. Some people like to deny facts, and then resort to name calling to prove some point.
Windows Firewall (included with...Windows) and Windows Defender (A free download for... yes, Windows) will protect your PC as much as you get with a Mac. And yes, straight out of the box. If you want anti-virus for Mac you have to buy it. If you want it for PC you have to buy or download it.
Or, just don't open crap in e-Mail and the Internet or share files and it's not really a problem.
The illusion that Macs are "safer out of the box" while Windows isn't is just a Mac Fanboy's fantasy.
Dream on, fanboys.
Just to clear up the confusion....
Windows Defender is NOT an Anti Virus. Windows Firewall? I'd rather have Zone Alarm or and hardware firewall. To say that windows (It's my OS of choice, since I do a bit of gaming) is "safer" out of the box is not an accurate statement. Why would you need an anti-virus for a Mac? Tell me how many virsus' for Windows vs. Mac. Tell me the ratio. Please. I'd really like to see it. I'd also like to know how I'm a "fanboy" since I use XP, Vista, and OS X. They all have advantages and disadvantages. I try to keep it civil and not resort to name calling, but in this case.. YOU sound like the fanboy. Get your facts in line sir. You need to do a bit of research. :-)
Ok, can you read? The person NEVER said Defender was an Anti-Virus program, it is Spyware protection, basically a condom for your Web Browser. Read above, for anti-virus you have to buy or download it for the Mac or PC. There are free anti-virus tools for BOTH OSes.
How about instead of getting your big Mac panties in a bunch, you actually read the post next time...
SMACK SMACK
That's the sound of me beating your head slowly against the brick wall of reality. PLEASE recommend ANYTHING BUT Zonealarm..
Windows Firewall (included with...Windows) and Windows Defender (A free download for... yes, Windows) will protect your PC as much as you get with a Mac. And yes, straight out of the box. If you want anti-virus for Mac you have to buy it. If you want it for PC you have to buy or download it.
Or, just don't open crap in e-Mail and the Internet or share files and it's not really a problem.
The illusion that Macs are "safer out of the box" while Windows isn't is just a Mac Fanboy's fantasy.
Dream on, fanboys.
Just to clear up the confusion....
Windows Defender is NOT an Anti Virus. Windows Firewall? I'd rather have Zone Alarm or and hardware firewall. To say that windows (It's my OS of choice, since I do a bit of gaming) is "safer" out of the box is not an accurate statement. Why would you need an anti-virus for a Mac? Tell me how many virsus' for Windows vs. Mac. Tell me the ratio. Please. I'd really like to see it. I'd also like to know how I'm a "fanboy" since I use XP, Vista, and OS X. They all have advantages and disadvantages. I try to keep it civil and not resort to name calling, but in this case.. YOU sound like the fanboy. Get your facts in line sir. You need to do a bit of research. :-)
Ok, can you read? The person NEVER said Defender was an Anti-Virus program, it is Spyware protection, basically a condom for your Web Browser. Read above, for anti-virus you have to buy or download it for the Mac or PC. There are free anti-virus tools for BOTH OSes.
How about instead of getting your big Mac panties in a bunch, you actually read the post next time...
HAHAHA.. Mac panties? Nice! Well, if YOU would read... one one of my 5* computer is a Mac*... I also said that XP is my OS of CHOICE. You should take your own advice dip ****.
They'll deny it's there ignoring it.
and after the exploit is gone isn some future patch, they'll deny there ever was an exploit and they certainly didn't patch any such non existing exploit. :p
They'll deny it's there ignoring it.
and after the exploit is gone isn some future patch, they'll deny there ever was an exploit and they certainly didn't patch any such non existing exploit. :p
Certainly not historical statistical data that one can readily compare!
Apple: 5% of Secunia advisories unpatched
Microsoft: 18% of Secunia advisories unpatched
They'll deny it's there ignoring it.
and after the exploit is gone isn some future patch, they'll deny there ever was an exploit and they certainly didn't patch any such non existing exploit. :p
Certainly not historical statistical data that one can readily compare!
Apple: 5% of Secunia advisories unpatched
Microsoft: 18% of Secunia advisories unpatched
Although your links for Secunia are accurate. What the above poster says does have merit. In the System 8.x and System 9.x days, patches were issued that fixed bugs and exploits that Apple would never confirm existed.
In OSX, they also have made several updates that have patches 'mixed' into the update that they never acknowledge was a problem or was fixed in the update.
So Secunia data would be correct, as Apple 'did' patch the exploits, but they never would confirm they were exploits or existed, nor did they list them in the patch that corrected them.
So as the above poster suggested, they would sweep them under the carpet and prentend there were never there, he didn't say they wouldn't 'ever' fix it, but made a funny reference to what they have done in the past by patching things and not acknowledging the exploit or that they patched it.
I mean, I trust most people who have local access to my computer (which is me and *gasp* sysadmin)
I mean, I trust most people who have local access to my computer (which is me and *gasp* sysadmin)
Read the articles on this. IT CAN BE EXPLOITED REMOTELY and even CIRCUMVENT system security, as it corrupts memory at an elevated level.
Just 'browsing' to a web site with the exploit could infect your computer with an elevated virus.
the majority of exploits can only be exploited due to morons settign stupid settings and stuff on their computers, no matter what the OSis... yet still... thousands of these happen all the time... Face it, the majority of computer users, of any OS are morons.
Are you forgetting that Mac's marketing pushes the 'no-fuss, don't worry about me, I'm a secure computer' mentality?
Sure smart IT people won't be hit by this, but that is not the majority of the Mac base...
Safari automatically opening files was an issue a LONG time ago. The default setting for Safari for several years has been to NOT automatically decode files! Thus the suggestion to go into the preferences and deselect this is useless.
Also this means that 99.999999% of Mac users are 100% unaffected by this stupidity in Mac OS X's default configurations. The only ones affected are those stupid enough to actively go in and change this setting and then leave it that way.
Besides, what's the worst that can happen? The system crashes. Period.
Reboot, don't do the stupid thing again, and move on.
This is no more an "exploit" of Mac OS X or of Safari than my going into a police station and demanding they give me all their cash at gunpoint.
The result is just a kernel panic. No remotely executed code. Unpleasant yes, but hardly a threat, especially if you're not a complete idiot. Windows systems on the other hand, continue to be converted into zombies by the tens of thousands every day.
The only thing that shocks me here, is the ineptness in the reporting of a bad disk image as an actual flaw in the operating system.
I think most people have got too much work keeping their Windows machines protected against thousands of real threats to worry about exploit code.
Whoops, my bad, yes you're right.
In any case, I tested the bug and it caused a kernel panic, with a message (in very cool shadow effect, I might add) to please restart my computer.
Here's the log:
panic(cpu 0 caller 0x0019447D): pmap_enter: mapping not in pv_list!
Backtrace, Format - Frame : Return Address (4 potential args on stack)
0xb663b48 : 0x128d1f (0x3c9540 0xb663b6c 0x131df4 0x0)
0xb663b88 : 0x19447d (0x3ccb64 0x1f2e32d7 0x0 0x1a1ec0)
0xb663c18 : 0x160aaf (0x4af700 0x1f2e32d7 0x0 0x16a7d)
0xb663d68 : 0x3a3571 (0x135ef3c 0x1f2e32d7 0x0 0x3)
0xb663dd8 : 0x3a3800 (0x2885600 0x0 0x135ef3c 0x1f2e32d7)
0xb663e48 : 0x3a317e (0x2885600 0x135ef3c 0xb663eac 0x1)
0xb663e98 : 0x3a4121 (0x276b080 0x2885600 0x1c87da0 0x0)
0xb663ef8 : 0x3a3e7f (0x2885600 0x2885600 0x1c87da0 0x0)
0xb663f38 : 0x8c87c1 (0x2885600 0x0 0x0 0x2db0d30)
0xb663fc8 : 0x19a74c (0x2f56400 0x0 0x19d0b5 0x2db0cec) Backtrace terminated-invalid frame pointer 0x0
Kernel loadable modules in backtrace (with dependencies):
com.apple.AppleDiskImageController(113.3)@0x8b9000
dependency: com.apple.iokit.IOStorageFamily(1.5.1)@0x515000
Kernel version:
Darwin Kernel Version 8.8.1: Mon Sep 25 19:42:00 PDT 2006; root
Model: iMac4,1, BootROM IM41.0055.B08, 2 processors, Intel Core Duo, 1.83 GHz, 512 MB
Graphics: ATI Radeon X1600, ATY,RadeonX1600, PCIe, 128 MB
Memory Module: BANK 1/DIMM1, 512 MB, DDR2 SDRAM, 667 MHz
AirPort: spairport_wireless_card_type_airport_extreme (0x14E4, 0x89), 4.80.46.0
Bluetooth: Version 1.7.9f12, 2 service, 1 devices, 1 incoming serial ports
Network Service: Built-in Ethernet, PPP (PPPoE), ppp0
Serial ATA Device: ST3160023AS, 149.05 GB
Parallel ATA Device: MATSHITADVD-R UJ-846
USB Device: Built-in iSight, Micron, Up to 480 Mb/sec, 500 mA
USB Device: deskjet 5100, hp, Up to 12 Mb/sec, 500 mA
USB Device: Hub in Apple Pro Keyboard, Mitsumi Electric, Up to 12 Mb/sec, 500 mA
USB Device: Apple Optical USB Mouse, Mitsumi Electric, Up to 1.5 Mb/sec, 100 mA
USB Device: Apple Pro Keyboard, Mitsumi Electric, Up to 12 Mb/sec, 250 mA
USB Device: Bluetooth HCI, Up to 12 Mb/sec, 500 mA
USB Device: IR Receiver, Apple Computer, Inc., Up to 12 Mb/sec, 500 mA
even if "tens of thousands" of windows systems are being "converted into zombies" as you put it, every day, that's less than 0.1% of all Windows systems worldwide.
Do you have any solid numbers by any chance on how many windows systems are turned into "zombies"? or what exactly a "zombie" is?
I will admit, OSX is more secure than Windows, I don't delude myself in that respect, however, I hate the attitude that each and every virus or vulnerability that is found for windows results in a machine that is now dead to the world, unusable for the rest of history. The fact is that many, and possibly even MOST of the viruses or vulnerabilities do nothing more than this one did, cause the user to reboot.
And here is a little note to the people at the top of the comment thread that were claiming that only fanatics say things such as "Macs are infallible": not sure if you have missed them or not, but you know those annoying commercials that start "Hi, I'm a Mac, and I'm a PC", well, there certainly was one where the "Mac" claimed "I don't have to worry about any viruses or spyware because I run OS X". So you see, it isn't just the fanboys that claim it's perfect, it comes right from the source too.
I am totally fine with the argument that OS X is more secure, because it is, but I hate, and laugh at, the people who think there is no bad that can come to Macs, and never will, and any exploits are meaningless.
And for the record, I have been a windows user since the days of 3.1, and I have yet to get any sort of virus or see any vulnerability affect my machine to the point where it caused me to lose data, forced me to re-format, or do anything more drastic than looking at the virus vault of my FREE anti-virus software and delete the identified file which was quickly and easily identified and quarantined. Wow, that was a stressful moment though, I nearly had to click my mouse 4 times, luckily it only took 3 clicks, otherwise I would have felt inconvenienced. *please note the sarcasm for those of you who can't note sarcasm*
I'm sorry to hear that you have had such a daunting experience with Windows.
However, there are lots of computer userss who take, maybe 5 minutes a week, to load software updates and that's the extent of the "work" necessary to protect their computer. My Windows computers, like many others, have not once had a virus, spyware, adware, or any other security problem on it. It takes no less time to run these updates than it does to check for Mac software updates to path their security flaws.
So, by your logic, most people go to too much work keeping their Macs protected against bad code...
Five whole minutes!!!
Oh NO!
I would feel ripped off if I bought a computer knowing that the only think I could upgrade is the ram and hard drive, even then I would fear that my OS (OSX) would even support that hardware, you know, because of the little hardware it supports in the first place.
Oh wow you have AVG, well that will protect you from every possible attack ever!
Heh.
Seriously you think AV is going to prevent remote exploits?
Safari automatically opening files was an issue a LONG time ago. The default setting for Safari for several years has been to NOT automatically decode files! Thus the suggestion to go into the preferences and deselect this is useless.
Also this means that 99.999999% of Mac users are 100% unaffected by this stupidity in Mac OS X's default configurations. The only ones affected are those stupid enough to actively go in and change this setting and then leave it that way.
Besides, what's the worst that can happen? The system crashes. Period.
Reboot, don't do the stupid thing again, and move on.
This is no more an "exploit" of Mac OS X or of Safari than my going into a police station and demanding they give me all their cash at gunpoint.
The result is just a kernel panic. No remotely executed code. Unpleasant yes, but hardly a threat, especially if you're not a complete idiot. Windows systems on the other hand, continue to be converted into zombies by the tens of thousands every day.
The only thing that shocks me here, is the ineptness in the reporting of a bad disk image as an actual flaw in the operating system.
I think most people have got too much work keeping their Windows machines protected against thousands of real threats to worry about exploit code.
Um, no, you are wrong, and no, and no again...
http://kernelfun.blogspot.com/search/label/macosx
Read and learn...
Well using your logic, there are Zero viruses or exploits for Windows Vista, so it would be far safer than OSX?
Existence and potential are two different things. (Like energy, it is the difference between a hydrogen molecule and an Atomic explosion.)
Just because less viruses and exploits are availble for an OS doesn't mean a massive attack could still not happen if there is potential. And sadly, Mac is not secure because it is designed better than other OSes, it is Secure because it less people are trying to split an hydrogen atom for it.
As a proof of example: Windows NT was considered to be 'virus resistent' (yes the same core that is running WindowsXP and Vista.) However this was back in 1992-1996, and even though it 'was' more secure than most OSes, it was not fool proof, as hackers over the years have demonstrated. It just was not in wide use, and the current exploits and viruses of the time failed on it because they didn't try to circumvent the security in NT. Back in 1995 it was considered silly by many IT professionals to run Anti-Virus software on NT, and they were respected viewpoints then. Today they would be laughed out of their jobs.
So good luck with the whole 'belief' that OSX 'is' more secure or will stay virus free.
Okay, Vista is recent and OS X is not. Yes, Vista right now is more secure than OS X, I don't know why I said the opposite. But security changes along the time, not only because their creators update it, but because it gets old and people get more used to the way it's coded. That is the problem with OS X. There is 6% of the population that gets used to the way it's coded, while 90% get used to Windows, so there's a factor of 90/6=15. Windows should be 15 times more subject to attacks than OS X at this current moment. Things change every day though, the more people are gonna switch, the more OS X haters will like to write code and learn about the flaws, the less OS X will be secure.
I'm still standing on the fact that it's UNIX-based and that apple updates security regularly and that the basis is quite secure already. Look at safari 3 in leopard, there's so many security improvments that's gonna help fight against malicious code.
Yes, right now Vista is more secure than OS X because there's nothing for it. Things will change and because I think OS X is more secure, I am sure that the graphics malicious code / time will continue to be more stable on OS X, while on Vista, it's gonna go up and up and up. Less than XP - don't get me wrong. It's far more secure.
Btw, anti-viruses are bad, not because it protects you (duh..) but because it slows down your whole system, and eventually your hard disk (if you have one). So if OS X manages to stay almost virus-free, it's gonna be a big step forward. They still have a long way to do, but the basics are set and they're strong IMO.
I know I did an arrogant comment in the first place and it looked like an Apple zealot. Well yes I am one, but sometimes I like to argue intelligently, not like in the first post.
A 'Don't worry, be happy' mac-user.
Last edited by matthew24 on 24 Nov 2006 - 16:07
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.