Linked by Amjith Ramanujam on Thu 24th Jul 2008 18:01 UTC, submitted by Ward D
Bugs & Viruses: Mac antivirus developer Intego might have stumbled across an OS X-specific virus being offered for auction that targets a previously unknown ZIP archive vulnerability. From Intego's posting, it appears that an enterprising auctioneer is determined to make sure that his name is not forgotten when it comes to Apple security, claiming that his exploit is a poisoned ZIP archive that will "KO the system and Hard Drive" when unarchived.
Hardly likely
by Buck on Thu 24th Jul 2008 19:46 UTC

That is hardly likely. A vulnerability in zip-whatever (e.g. BOMArchiveHelper) won't lead to control of the system. I can't think of anything that would require a zip decompressor on the system to run with root privileges, nor is it suid root, so given that, the only thing an attacker can gain using that vector is shell access with the rights of the currently logged-in user. Not a small thing by any means, but hardly the system KO being promised.

PS. Also, that wouldn't technically be a 'virus', being just an exploit for a certain vulnerability.

Edited 2008-07-24 19:55 UTC

Reply Score: 7