Number of exploits circulating for critical Mac flaws

Bill Brenner

An attacker could easily exploit two "extremely critical" vulnerabilities in Apple Macintosh OS X software and there is no efficient solution to the problem, IT security firm Secunia said in an advisory Monday.

Thomas Kristensen, chief technology officer of the Copenhagen, Denmark-based company, attributed the discovery to various people and Web sites and said the best defense is to stay away from "untrusted" Web sites, rename all URI handlers that are not required and avoid surfing the Internet as a privileged user.

"One of the important points is that you don't want to visit malicious sites," Kristensen said. "Unfortunately, it's not always easy to recognize a malicious site. And since we first started to hear about this over the weekend, a lot of details on how to exploit the vulnerabilities have made it onto the Internet."

The advisory said the first problem is that the "help" URI handler "allows execution of arbitrary local scripts (.scpt) via the classic directory traversal character sequence using "help:runscript." The second flaw is that it may also be possible to silently place arbitrary files, including script files, in a known location on a user's system using the "disk" URI handler.

Malicious code writers could successfully exploit the vulnerabilities using 1.2.1 (125.1) and Internet Explorer 5.2. Other browsers may also be used as attack vectors, the advisory said.

The vulnerabilities have been upgraded to extremely critical because the issues

    Requires Free Membership to View

are easy to exploit with remote access and a large number of working exploits are available, the advisory said.

On the plus side, attackers are less likely to go after Macintosh software because it is not as widely used as Windows products, Kristensen said.

"If these were Windows vulnerabilities, they would certainly be exploited," he said.

Secunia advisory

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: