Begin forwarded message:
From: "Parker" <[EMAIL PROTECTED]>
Date: February 22, 2006 8:09:43 AM EST
To: "Internet News" <[EMAIL PROTECTED]>
Subject: Internet and Technology News More security problems bite Apple
Reply-To: [EMAIL PROTECTED]
BBC NEWS
More security problems bite Apple
Experts have uncovered a serious security bug in the way Apple software
handles downloaded
files.
The flaw could give malicious attackers a back door into Mac
computers if
users visit
carefully crafted websites and download booby-trapped files.
Although no attackers were known to be exploiting the bug, experts
said it
was easy
to write code to take advantage of the flaw.
At the same time three more viruses for Apple computers have been
discovered.
Virus outbreak
"This could be really bad," said a warning about the vulnerability by
the
widely-respected
Internet Storm Center.
The discovery of the bug opens up Apple users to so-called "drive-by
downloads" that
plague users of the Window operating system and are used by makers of
adware
and
spyware to install their software on victims' PCs.
Discovered by University of Ulm student Michael Lehn, the bug arises
because
of the
way that Apple's OSX operating handles downloaded files.
Although OSX displays an icon for files based on the suffix it finds
on the
program
being downloaded i.e. jpg, it uses different criteria to decide what
to do
with these
files.
This makes it possible to have files look benign by labelling them as
images
but,
behind the scenes the operating system will know it is dealing with a
proper
program
and run it as such.
Initially the flaw was thought only to affect compressed or zipped
files but
the
Internet Storm Center said it can be used for any file that arrives on a
target machine.
So far, no net-based exploits of the bug are known to be inexistence but
Apple is
known to be working on a fix for the flaw.
Also reported this week were three variants of a second virus for
Apple's
operating
system.
The new virus is called Inqtana and its three variants try to spread via
bluetooth
short-range radio technology.
The risk to users from the virus is almost non-existent because the
variants
are
only proof-of-concept bugs and none have been released to the wild.
The reports of the flaw in OSX and the virus variants makes three
security
alerts
for Apple in less than a week.
Story from BBC NEWS:
http://news.bbc.co.uk/go/pr/fr/-/2/hi/technology/4739432.stm
Published: 2006/02/22 12:17:43 GMT
© BBC MMVI
We supply this information as a service and do
not endorse it or recommend any action being taken based upon it. Any
decisions taken, by the subscriber, are entirely your own
responsibility.
This is an announce only list. All replies will go only to the list
moderator.
To unsubscribe from this list, press Enter on the link below. A
pre-addressed message will pop up, simply send it.
mailto:[EMAIL PROTECTED]
If you wish to recommend this list to a friend, send the following
link to
them.
mailto:[EMAIL PROTECTED]
We hope that you're enjoying this list.
www.accessible-devices.com
