- CNET NETWORKS UK BUSINESS SITES:
- atlarge.com
- BNET UK
- silicon.com
- SmartPlanet.com
- ZDNet.co.uk
US-Cert issues alert...
By Tom Espiner
Published: 27 November 2006 08:50 GMT
The US government has added its weight to warnings about a vulnerability in Apple Mac OS X.
Security from A to Z
Click on the links below to find out more...
A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day
The US computer emergency response team (US-Cert) issued an alert last week, reporting a failure in the way OS X handles corrupted disk image files - for Macs, the '.dmg' file format.
A disk image file is a digital representation of the contents and structure of a storage device like a CD or DVD. According to US-Cert, the vulnerability in OS X may allow an attacker using malformed '.dmg' files to corrupt system memory in a way that could allow arbitrary code execution, or cause a denial of service.
The researcher who found the vulnerability claimed it is remotely exploitable as Apple's Safari browser can be set to automatically open '.dmg' files downloaded from external sources. According to the researcher, this can be prevented by changing the browser preferences and deactivating the functionality for opening "safe" files after downloading.
However, the US-Cert vulnerability note said the organisation was "currently unaware of a practical solution to this problem".
Tom Espiner writes for ZDNet UK
But don't forget the OS requires explicit permissi...
Don Tregartha
No, Don, it doesn't. Once code is running as root ...
Steven Fisher
SYSTEMS ADMINISTRATOR - APPLE MAC & OS X DESKTOP SUPPORT - Cambridge, South East The European Bioinformatics Institute (EBI) is a non-profit academic ...
Then read on A new opening is immediately available for an experienced BSS support specialist to work for a leading telco as part of a new team ...
Novell NetWare, Linux, and Apple Mac OS - Experience of remote computer systems management Desirable Requirements Include: - Knowledge of Novell ...
CIO50 2008
The silicon.com CIO50 2008 profiles the most influential and innovative tech chiefs in the UK across all industries and organisation size, from the biggest FTSE100 companies to high growth dot-com start ups and the public sector. The list was voted on by the UK CIO community and a panel of experts. Find out more in our latest special report.
Stories from the web...
Copyright ©1995-2008 CNET Networks, Inc. All rights reserved. Top of page
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
RSS Feeds
Peter Cochrane Peter Cochrane's Blog: Is convergence a fiction? Or could it finally be happening…
Clive Longbottom Quocirca's Straight Talking: A game of two halves Microsoft Virtualisation scores while its SOA bores...