Critical flaw identified in Mac OS X disk image handling

Malicious code has been published on the Internet that exploits an unpatched vulnerability in Apple's Mac OS X. The flaw, classified by Secunia as highly critical, affects the system's handling of disk image files and can be exploited remotely. It can also be used to gain system access privileges.

The proof of concept was released on a blog as part of the Month of Kernel Bugs campaign, which aims to disclose a flaw in the Apple operating system every day for a month.

"Mac OS X's com.apple.AppleDiskImageController fails to properly handle corrupt DMG image structures," writes the researcher in his blog.

The vulnerability can be exploited remotely whenever the browser loads DMG images from external sources, explains the researcher, who identifies himself as LMH.

The blog also provides pointers for dealing with the flaw, which can be worked around by changing preferences and disabling the functionality that allows secure files to be opened after download.