Linked by Thom Holwerda on Wed 22nd Feb 2006 13:05 UTC
Mac OS X The weak point in Apple's Mac OS X operating system is apparently worse than originally thought. In addition to attacks via the Safari web browser, Apple Mail also executes scripts without asking in certain circumstances. It suffices to disguise a script with the ending "jpg" and assign the Terminal application for opening it. If this script is then sent in the AppleDouble format as an attachment, the information is passed along so that the recipient's system also opens it with the Terminal. Apple Mail displays the attachment with a JPG file symbol, but when users click on it, the script executes within Terminal without further prompting. Update: Heise is right.
Permalink for comment 98152
To read all comments associated with this story, please click here.
Mac head
by Deviate_X on Wed 22nd Feb 2006 13:48 UTC
Deviate_X
Member since:
2005-07-11

i remember some mac head claiming that apples were practically involnerable, events of the the last few days have proved this point of view to be very wrong

Reply Score: 2