Linked by Thom Holwerda on Wed 22nd Nov 2006 09:06 UTC, submitted by someone
The 'Month of Kernel Bugs' project has found two unpatched security vulnerabilities in the way Mac OS X handles .dmg files. The first vulnerability, rated 'highly critical' by security-firm Secunia, can lead to privilege escalation, denial of service, and system access by a remote user (if Safari's open 'safe' files option is checked). The second issue is similar in nature, in that a corrupted UDTO HFS+ .dmg can lead to a denial of service condition. A workaround for both issues is to disable Safari's option to open 'safe' files after downloading, and to not open any .dmg file from a source you do not trust.
Permalink for comment 184324
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
Recent Original Stories
Recent Comments
Headlines
Random Comments
Random Stories
Random OS Link
Member since:
2006-01-24
If the kernel crashes it get's a kernel panic -- e.g. nothing more happens.. Who would control things if the kernel craashed?