Apple’s Leopard vulnerable to security flaw
Intego, makers of VirusBarrier and other Mac OS X security software, on Wednesday issued an alert regarding a flaw in the way that the Mac OS X v10.5 “Leopard” handles files that have been downloaded from the Internet. This affects Mail attachments, according to Intego. The problem was identified on Tuesday by U.K.-based Heise Security, which says it’s identical to a security flaw that first came to light in Tiger Mail back in March, 2006 — a security flaw that Apple actually patched in Tiger, but has apparently reappeared in Leopard (causing Heise to refer to it as “the same old error”).
Heise says that a file downloaded from the Internet can contain a resource fork that will cause the Mac to open the file (if it’s double-clicked by a user) in Terminal, automatically executing a shell command sequence. The file is “disguised” as another type of enclosure; in Heise’s example, a JPEG image. Apple has not yet released a security update for this issue, according to Intego. Intego has updated the virus definitions file used by its VirusBarrier X4 software to work around the issue. The definitions file is dated Nov. 21, 2007. A popular argument of almost every Apple fan saying that Mac considers no security risk is becoming a history…
Source: Macworld
Comments(39)
firstttt
Martin: posting “1st” comments will get you banned like this idiot
I knew that there was a flaw somewhere
First Microsoft now Apple!!!
now you see that mac sucks as hard as windows!
macs have always been as flawed as windows, just not as widely exploited because of the windows popularity.
Now thats a first, a new OS has a security issue, wow….
what a surprise! anybody thought mac os has no bugs?
But what happens when the virus is on the system? can it turn your computer into a zombie like a pc system? i think this will be harder on mac/ linux systems cause file access is restricted.
“A popular argument of almost every Apple fan saying that Mac considers no security risk is becoming a history…”
Come again?!
Suck on that FanBoys!!
that why ill stick with superior VISTA. Thank you very much!
Actually Mac users have nothing to fear because nobody cares about Mac enough to code a virus for it.
There isn’t perfect OS and never will be. I really laugh at those comments like “now you see that mac sucks as hard as windows!” & “that why ill stick with superior VISTA. Thank you very much!” Fanboys are talking..fanboys are talking…Windows, Linux, Mac all of them have issues. Windows is just most attacked because it’s easier to take down because poopoo security & coding. “But what happens when the virus is on the system? can it turn your computer into a zombie like a pc system? i think this will be harder on mac/ linux systems cause file access is restricted.” I agree with this one. You can’t take Mac or Linux down as easily as Windows.
Microsoft could create wonderful OS, with better security & code but they really don’t have to. Lots of people uses Windows and don’t even know about other operation systems and think that Windows is the best one ever. Why should they spend money for developing it better then, they will make money with it whatsoever…
some days ago i helped a friend of mine to remove a virus from his mac osx! he received his infected word file via a friend and partner of him! this word had obviously a macro, that seems to infect files thru osx via word binary! the office suite was full updated! when he executed the file asked to use macros but he didn’t knew that accepting this was the same action as put his root password wile installing a program (darn, he didn’t knew what were macros, do some of you know??)! mac is very vulnerable without security programs! by default osx firewall is off!!! install at least a virus scan that is running on memory simply because even if you get a file infected with windows virus, the chance you pass that infected file to a windows user is very high i might say! i for one, windows user, get allot of files by friends that use mac osx!
Every OS has flaws and every OS has idiot fanboys. Everytime a flaw crawls to the surface, so do the idiot fanboys.
Many of the comments on here are no exception, and these kids are basically an embarrassment to the OS they claim to support. Sadly, they also think they are original and clever. Watch and learn children, the world isn’t as cut and dried as you think.
Yes, mac is perfect but do read on…
“The Apple nay-sayers of today offer what they think is a solid argument against the Apple consumer; that Apple’s “game” is solely based on good looks alone and, as such, Apple consumers are nothing more then superficial ego-consumers who buy the product solely for social value. Trend, it would seem, is the buying power for Apple.
Now, before judgment is cast upon my soul, hear me out and see where I’m going with this. First, as a complete Apple fan boy you would think I fall into this argument as well. I, just as any other Apple consumer, may be attracted first by a product’s look, feel, and possible “trend” status. Ultimately however, it’s more than that. Steve Jobs’ goal has always been to meld form with function, and that’s where the meat balances the potatoes. We as consumers can appreciate a beautiful-looking piece of technology, but what is more important is the utility we receive from it. Therefore, arguably, the user experience is the sole foundation for a products success.
To get a better idea of what I mean, let’s take a look at three “competing” products. We’ll base this solely on the actual user experience, operating systems alone.
* Form and Function equal – Leopard
* Form but no function – Windows Vista
* Function but no form – Linux
Function but no form
Let’s go from the bottom up. Linux provides a secure foundation for developers to continue building upon. Just as the Linux community grows, the operating system itself seems organic, and grows with them. An open-source operating system, completely free to use, yet has never become mainstream. Why is that? Could it be due to the lack of form? Maybe by design Linux looks and feels more complicated; perhaps its role as a “developer tool” makes basic users quiver in fear. Whatever the reason, Linux never had the break that OSX has had since its onset.
Form but no function
I hope many will agree that, while Vista is one beautiful piece of glass, it’s a hollow space past the surface. Its innumerable new, eye-catching features are tantalizing, but on a practical scale, it shows little variation from the preceding XP. Coincidentally, like most beauty in this world, it seems to come with a price: either your sanity, or your RAM. It begs the question, why would users put up with such a bad relationship? Naturally, the operating system’s open quality led to its massive globalization, but at what further cost? Interoperability was what seemed to hold Microsoft together, but now with more customization available and the growing abilities of Web 2.0 sharing and creating, it seems more relevant now than ever to rethink what the true balance of form and function is.
Form and Function equal
The key to Apple’s success is their ability to balance function and form. Never will a device hyperextend itself at the risk of failing. Only the most secure features are added slowly into newer upgrades. The jump from Tiger to Leopard alone reflects this. Instead of recreating a completely new operating system that requires massive hardware upgrades, or so many new features that the system itself feels completely unique and unfamiliar, we see a simple system that reflects characteristics of its ancestors. A few features, here, a few features there, and you’re still secure in your space.
So judge us as you will, but remember, that in a world of trend, somethings are popular for a reason.”
Yes, mac isn’t perfect but do read on…
“The Apple nay-sayers of today offer what they think is a solid argument against the Apple consumer; that Apple’s “game” is solely based on good looks alone and, as such, Apple consumers are nothing more then superficial ego-consumers who buy the product solely for social value. Trend, it would seem, is the buying power for Apple.
Now, before judgment is cast upon my soul, hear me out and see where I’m going with this. First, as a complete Apple fan boy you would think I fall into this argument as well. I, just as any other Apple consumer, may be attracted first by a product’s look, feel, and possible “trend” status. Ultimately however, it’s more than that. Steve Jobs’ goal has always been to meld form with function, and that’s where the meat balances the potatoes. We as consumers can appreciate a beautiful-looking piece of technology, but what is more important is the utility we receive from it. Therefore, arguably, the user experience is the sole foundation for a products success.
To get a better idea of what I mean, let’s take a look at three “competing” products. We’ll base this solely on the actual user experience, operating systems alone.
* Form and Function equal – Leopard
* Form but no function – Windows Vista
* Function but no form – Linux
Function but no form
Let’s go from the bottom up. Linux provides a secure foundation for developers to continue building upon. Just as the Linux community grows, the operating system itself seems organic, and grows with them. An open-source operating system, completely free to use, yet has never become mainstream. Why is that? Could it be due to the lack of form? Maybe by design Linux looks and feels more complicated; perhaps its role as a “developer tool” makes basic users quiver in fear. Whatever the reason, Linux never had the break that OSX has had since its onset.
Form but no function
I hope many will agree that, while Vista is one beautiful piece of glass, it’s a hollow space past the surface. Its innumerable new, eye-catching features are tantalizing, but on a practical scale, it shows little variation from the preceding XP. Coincidentally, like most beauty in this world, it seems to come with a price: either your sanity, or your RAM. It begs the question, why would users put up with such a bad relationship? Naturally, the operating system’s open quality led to its massive globalization, but at what further cost? Interoperability was what seemed to hold Microsoft together, but now with more customization available and the growing abilities of Web 2.0 sharing and creating, it seems more relevant now than ever to rethink what the true balance of form and function is.
Form and Function equal
The key to Apple’s success is their ability to balance function and form. Never will a device hyperextend itself at the risk of failing. Only the most secure features are added slowly into newer upgrades. The jump from Tiger to Leopard alone reflects this. Instead of recreating a completely new operating system that requires massive hardware upgrades, or so many new features that the system itself feels completely unique and unfamiliar, we see a simple system that reflects characteristics of its ancestors. A few features, here, a few features there, and you’re still secure in your space.
So judge us as you will, but remember, that in a world of trend, somethings are popular for a reason.”
The real question I want answered is why the hell nobody makes a PC like the current iMacs?
Do apple own all the rights to integrating the base unit into the monitor? The amount of desk space it saves is worth that alone!
Having to use OSX at work has shown me that it is really a rubbish system, as the software modifed from Windows froms is terrible (not just Office) and I would never buy one. Maybe I like right clicking too much, or actually deleting files from my flash drives…
“cause the Mac to open the file (if it’s double-clicked by a user)”
THIS IS A SECURITY FLAW??
LOLOL THIS IS SO RIDICULOUS!
if you dont trust your download source dont open the file
and wow mac opens a file if you double click it!!!!!!!
LOLOL
BTW
I know that some companies do make integrated units, but they look really cheap and tacky compared to the iMac, and often compromise components!
“Having to use OSX at work has shown me that it is really a rubbish system, as the software modifed from Windows froms is terrible (not just Office) and I would never buy one.”
You decide an operating system is rubbish because modified software from another OS doesn’t run very well on it? You’re an idiot.
Vista Superior?? Hahahahaha. How many viruses have already been made for that?? And how many virus software do windows users have? Like AVG, Norton…etc. I think there is around 2 antivirus programs made for the Mac OS. I’m not scared. People have tried sending me viruses, my computer just rejects them.
http://projects.info-pull.com/moab/
Haha, look at all the Mac haters rushing to express their opinions!
Interesting virus attack scheme
to open the file (if it’s double-clicked by a user)
would be like a window user triple click on a file,,but the problem is still there
hey cyrus, have you considered marketting and advertisement (or lack thereof) being a key factor regarding the size of the linux community? ’cause if it weren’t for that, i doubt apple would be where they are now (which isn’t to say they lack form or function; simply trying to point out how this consumer society works).
heise is a Germany based publisher…
not a big deal. only idiots click on something from an unknown sender and deserve whatever happens.
you do notice this comes from an OS X anti-virus software maker. they’re always trying to pump up sales.
Mac haters, suck it!
I’ve recently switched to Mac and now I gotta MacBook and I’m very satisfied with it
it looks cool,it runs smoothly,it works perfect
it does some fascinating stuff and very easy to use
Since I got it,I’ve been telling all my friends and family to get one and so far,5 of them got one.
I wonder why the hell there so many mac haters,I used to be one but I had no idea about it and I thought it sucks but now I can see how stupid I was.
and it does have a right click you idiot
so I suggest to all of those who doesn’t know what is a Mac,give it a try and you wont be disappointed for sure.
peace
it’s vista ultimate not superior lol there’s no such thing as the latter lol
i thought about getting a mac… but for the price of a macbook u could put together a monster system that actually runs vista at a decent speed, or make xp run even faster..
i thought about getting a mac… but for the price of a macbook u could put together a monster system that actually runs vista at a decent speed, or make xp run even faster. really annoying how a macbook for 1800AUD only has a dvd combo… but then again i am poor…. T_T
What you say is incorrect. Both the Intego alert and the Heise info say this only affects Mail. It doesn’t affect “files downloaded from the Internet”, or Safari, or iChat. The quarantine system does cover those cases, but here it’s only flawed for Mail.
And you still have to run executables of unknown origin for that to happen. duh
*sigh*
You Apple enthusiasts need to realize that it doesnt matter how good your OS is (or at least how good you “think” it is…), an OS is a very large piece of software. Therefore, there will ALWAYS be tons of bugs (in the case of an OS, many exploits), especially when the OS is first released.
@30
The EXACT reason I think Mac users are all idiots is because of people like you. You, for some strange unknown reason, feel the need to “convince” us that the Mac is superior to Windows, when in fact it is simply a personal opinion…Careful, you get a Mac, and your part of some community that you really didnt want any part of. “But all I wanted was a computer!” Too bad, you are apparently a freak nobody loves, so you have to cuddle around the other freaks and keep each other warm while us “evil” Windows users call you stupid…Heheh…
http://www.thebestpageintheuniverse.net/c.cgi?u=macs_cant
^Greatest website on Earth!^
Answer me this..
..
does you ppl who insult OS Eg. Apple … Own one? or at least used them for several months?
If not, you are judging on things you don’t know
I don’t insult things that i don’t know, eg. Linux, ubuntu or whatever…, Because i don’t know about them.. IF you don’t know things just shut up otherwise you look like a fool..
” Like a blind-man who says…. LOOK there is 3 yellow bird flying, they are ugly”
BTW i use both windows and os x..
Mac Scan 2.4.1
Monday, 8. October 2007, 17:26:06
http://rapidshare.com/files/61161713/Clear112.zip
thank you airon clear blog
@18 Gr00vE,
Lots of companies sell integrated systems, they’re called laptops and they perfectly illustrate the problems inherent in such a design. Namely that users have less choice and if the display dies the entire system becomes useless. Of course the maker could include a monitor port, allowing you to hook up a separate monitor, but that kind of negates the whole idea of it being integrated.
Ctrl + click is not the same as right clicking.
I actually think my boss is an idiot for buying Mac’s then having to get inferior versions of the software we need as a result. I think that getting an OS that doesnt meet the consumers needs as fully shows it is not as good. I think the new software may be better than using Office on a Mac, but I haven’t tried it.
I am fully aware of laptops thanks, I am typing this on one. Again, the Macbooks look and feel better than the others available.
The integrated systems I would like to see are like shuttle PC’s, fully customisable and upgradable by the user, but in a nice looking package. If I had the money I’d make them, then all the non-1337 people in the world who don’t like crappy see through pannels and neon lights to play WoW by could be happy with how their PC’s look