Linked by Amjith Ramanujam on Thu 24th Jul 2008 18:01 UTC, submitted by Ward D
Bugs & Viruses

Mac antivirus developer Intego might have stumbled across an OS X-specific virus being offered for auction that targets a previously unknown ZIP archive vulnerability. From Intego's posting, it appears that an enterprising auctioneer is determined to make sure that his name is not forgotten when it comes to Apple security, claiming that his exploit is a poisoned ZIP archive that will "KO the system and Hard Drive" when unarchived.
RE: exploit
by MobyTurbo on Thu 24th Jul 2008 22:54 UTC in reply to "exploit"

ZIP, like JPEG, GIF, PNG etc., use the very same library for decompressing. Find a stack overflow in the lib, then find a root exploit and you are ready to go. Remember, kids: use address space randomization, stack protection cookies and/or SELinux. Until we run a system with runtime boundary checks (Java/C# etc.) nobody is safe.

OS X has address space randomization and stack protection, among other security features. Potentially it is just as secure as Linux if not more so in a couple of departments. It is, after all, similar under the hood and Apple made sure to check a lot of security check-boxes.

The only problem is that Apple does security updates *very* infrequently compared to other vendors. Open source patches within days or a few weeks, Windows within a month, and OS X a few times a year. Sooner or later this policy will catch up with Apple, as much as they'd like the time to get patches right. (Well, that seems to be their excuse, but considering how many patches it took to fix outstanding Leopard bugs, I'm not sure.)

Score: 1