Home > macOS > Apple Issues Patch for Mac OS X hole

Apple Issues Patch for Mac OS X hole

macOS 6 Comments

Apple Computer has issued a security update that, among other fixes, closes a hole in Mac OS X that could have allowed hackers to take control of a computer under particular circumstances.

About The Author

Eugenia Loli

Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.

Follow me on Twitter @EugeniaLoli

6 Comments

  1. 2003-12-23 8:18 pm
    Anonymous

    Yeah yeah, it was the worst security hole yet, and it only worked under particular circumstances, NOTE “particular circumstances”, not all like MS security holes. Didn’t this security hole mean that a server needed to be hacked first? And isn’t getting your server hacked the worst thing that can happen, and wouldn’t it mean that all computers on that net are vulnerable, not just Macs, for many ways of attacking. Also, that server would have to be a Windows or Linux box that was hacked in the sense that it was hacked, or just a cracker getting his/her hands on a password for any server, then a person could carry this out, and much worst than just getting into macs.

  2. 2003-12-23 9:28 pm
    Anonymous

    Calm down, Brando. So OSX has a security hole and you seem personally offended that it happened. What’s up with that?

    It’s not necessary to rigorously defend your OS when it has security problems – if us Windows users did that, we’d never get any sleep ;) All OS’s will have security flaws at some point, so just relax and go outside .. it’s probably sunny.

  3. 2003-12-23 10:45 pm
    Anonymous

    as long as Apple is fast and proactive about fixing these security issues that will make me happy

  4. 2003-12-24 12:35 am
    Anonymous

    I really hope you are joking ;(

  5. 2003-12-24 4:42 am
    Anonymous

    somehow after the panther release i feel that the exploits os x has encountered happended year(s) ago for windows ;)

  6. 2003-12-24 6:18 am
    Anonymous

    “that could have allowed hackers to take control of a computer under particular circumstances.”

    What does that mean?

    I guess the DHCP client by default will pull a remote authentication LDAP server from DHCP. Exploiting would require getting the client to pull its DHCP settings from a rogue DHCP server.

    The workaround is:

    in Directory Access, select LDAPv3 in the Services tab, click “Configure…”, uncheck “Use DHCP-supplied LDAP Server”

    more info here:

    http://www.carrel.org/dhcp-vuln.html

    Not really a big deal.