Linked by Thom Holwerda on Wed 22nd Nov 2006 09:06 UTC, submitted by someone
Mac OS X The 'Month of Kernel Bugs' project has found two unpatched security vulnerabilities in the way Mac OS X handles .dmg files. The first vulnerability, rated 'highly critical' by security-firm Secunia, can lead to privilege escalation, denial of service, and system access by a remote user (if Safari's open 'safe' files option is checked). The second issue is similar in nature, in that a corrupted UDTO HFS+ .dmg can lead to a denial of service condition. A workaround for both issues is to disable Safari's option to open 'safe' files after downloading, and to not open any .dmg file from a source you do not trust.
Permalink for comment 184321
To read all comments associated with this story, please click here.
RE: No reason for panic
by shiny on Wed 22nd Nov 2006 10:46 UTC in reply to "No reason for panic"
shiny
Member since:
2005-08-09

This can be annoying but does NOT constitute a security problem since you cannot crash the kernel in such a way that you can actually make it execute your own code.

Why couldn't you? I thought that is exactly the way to exploit the software. Make it crash and execute your code. You mean that system becomes inoperable after kernel crash? Who guarantees you that?

Reply Parent Score: 4