GoFuckYourself.com - Adult Webmaster Forum - View Single Post

digifan · 04-22-2006, 07:52 AM

Researcher finds a mitt full of Mac bugs

Robert McMillan, IDG News Service - MacCentral Fri Apr 21, 10:30 PM ET

A Mission Viejo, California, security researcher has posted code that exploits a number of newly discovered and unpatched bugs in the Mac
OS X platform.

The software, posted Friday by independent researcher Tom Ferris, could be used to crash applications or even run unauthorized code on the Mac by taking advantage of bugs in the Safari browser and Mac OS X operating system. Ferris's "proof of concept" code exploits a total of seven bugs.

Apple Computer Inc. has already been made aware of the bugs and plans to fix them in "the next security release," Ferris said in a posting to his Security-protocols.com blog.

"There [seem] to be some problems with the claimed solid-as-a-rock
Unix OS," he wrote on his blog. "Getting Safari to crash in many different spots is trivial, as where Firefox is very tough."

Long considered to be more secure than Microsoft's Windows operating system, Mac OS X has increasingly been the focus of security researchers like Ferris. In February a number of malicious programs, including one called OSX/Leap, were released targeting the
Macintosh.

The SANS Institute's Internet Storm Center rated Ferris's bugs as "highly critical," and warned that there are no patches or workarounds available for the majority of these vulnerabilities.

Ferris made headlines earlier this year when he discovered a bug in the Internet Explorer 7 Beta 2 preview browser within minutes of the product being released.

Apple representatives were not immediately available to comment for this story.

Link:
http://news.yahoo.com/s/macworld/200...bugs20060421_1

04-22-2006, 07:52 AM
digifan The Profiler Industry Role: Join Date: Oct 2002 Location: ICQ 76281726 and I'm female Posts: 14,618	Researcher finds a mitt full of Mac bugs Researcher finds a mitt full of Mac bugs Robert McMillan, IDG News Service - MacCentral Fri Apr 21, 10:30 PM ET A Mission Viejo, California, security researcher has posted code that exploits a number of newly discovered and unpatched bugs in the Mac OS X platform. The software, posted Friday by independent researcher Tom Ferris, could be used to crash applications or even run unauthorized code on the Mac by taking advantage of bugs in the Safari browser and Mac OS X operating system. Ferris's "proof of concept" code exploits a total of seven bugs. Apple Computer Inc. has already been made aware of the bugs and plans to fix them in "the next security release," Ferris said in a posting to his Security-protocols.com blog. "There [seem] to be some problems with the claimed solid-as-a-rock Unix OS," he wrote on his blog. "Getting Safari to crash in many different spots is trivial, as where Firefox is very tough." Long considered to be more secure than Microsoft's Windows operating system, Mac OS X has increasingly been the focus of security researchers like Ferris. In February a number of malicious programs, including one called OSX/Leap, were released targeting the Macintosh. The SANS Institute's Internet Storm Center rated Ferris's bugs as "highly critical," and warned that there are no patches or workarounds available for the majority of these vulnerabilities. Ferris made headlines earlier this year when he discovered a bug in the Internet Explorer 7 Beta 2 preview browser within minutes of the product being released. Apple representatives were not immediately available to comment for this story. Link: http://news.yahoo.com/s/macworld/200...bugs20060421_1 __________________ [email protected] Webair Rocks