Linked by Thom Holwerda on Wed 22nd Nov 2006 09:06 UTC, submitted by someone
Mac OS X The 'Month of Kernel Bugs' project has found two unpatched security vulnerabilities in the way Mac OS X handles .dmg files. The first vulnerability, rated 'highly critical' by security-firm Secunia, can lead to privilege escalation, denial of service, and system access by a remote user (if Safari's open 'safe' files option is checked). The second issue is similar in nature, in that a corrupted UDTO HFS+ .dmg can lead to a denial of service condition. A workaround for both issues is to disable Safari's option to open 'safe' files after downloading, and to not open any .dmg file from a source you do not trust.
Permalink for comment 184358
To read all comments associated with this story, please click here.
RE: Gosh darn it!
by hyper on Wed 22nd Nov 2006 14:04 UTC in reply to "Gosh darn it!"
hyper
Member since:
2005-06-29

And what is this 'McSoft' you are talking about?

Reply Parent Score: 1