Linked by Thom Holwerda on Wed 22nd Nov 2006 09:06 UTC, submitted by someone
Mac OS X The 'Month of Kernel Bugs' project has found two unpatched security vulnerabilities in the way Mac OS X handles .dmg files. The first vulnerability, rated 'highly critical' by security-firm Secunia, can lead to privilege escalation, denial of service, and system access by a remote user (if Safari's open 'safe' files option is checked). The second issue is similar in nature, in that a corrupted UDTO HFS+ .dmg can lead to a denial of service condition. A workaround for both issues is to disable Safari's option to open 'safe' files after downloading, and to not open any .dmg file from a source you do not trust.
Thread beginning with comment 184358
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Gosh darn it!
by hyper on Wed 22nd Nov 2006 14:04 UTC in reply to "Gosh darn it!"
hyper
Member since:
2005-06-29

And what is this 'McSoft' you are talking about?

Reply Parent Score: 1

RE[2]: Gosh darn it!
by aGNUstic on Wed 22nd Nov 2006 14:14 in reply to "RE: Gosh darn it!"
aGNUstic Member since:
2005-07-28

I could have said MickeySoft. :-)

Reply Parent Score: 0

RE[3]: Gosh darn it!
by BluenoseJake on Wed 22nd Nov 2006 15:05 in reply to "RE[2]: Gosh darn it!"
BluenoseJake Member since:
2005-08-11

you could have said Microsoft, like a grown up.

Reply Parent Score: 5