<body>
What's New

Mac OS X Hit By 6 New Zero-Day Bugs

At least six zero-day vulnerabilities in Apple Computer's Mac OS X have been spotted by an independent researcher.

At least six zero-day vulnerabilities in Apple Computer Inc.'s Mac OS X were disclosed earlier this week by an independent researcher, who noted that all can crash applications or the operating system, and some may let attackers hijack systems.

Four of the bugs relate to how the Mac's OS parses various image file formats, including BMP, TIFF, and GIF; one relates to how OS X decompresses malformed ZIP archives; and "several" affect Apple's Safari browser, said researcher Tom Ferris in numerous advisories posted Wednesday to his Security Protocols site.

All impact OS X 10.4.6 -- the most-current edition -- as well as earlier editions, said Ferris, who added that they can result in localized denial-of-service (DoS), in other words "crashes," and may be further exploitable by attackers installing their own malicious code on compromised Macs.

Danish vulnerability tracker Secunia collectively ranked the flaws as "Highly critical" on Friday. For his part, Ferris rated the Safari vulnerabilities as posing the greatest threat, and in his advisory included links to basic proof-of-concept code. Browsers are a particularly attractive target for attackers, since nearly every computer owner uses one, they contain a seemingly unlimited number of bugs, and attacks can sometimes be perpetrated without the user's knowledge through drive-by downloads.

The only remedy offered by Secunia was to avoid untrusted Web sites, and not to open ZIP or image files from other dubious locations.

Apple was notified of some of the vulnerabilities in January, others in February, but has not yet patched any of them, claimed Ferris.

Apple didn't immediately reply to a request about how it plans to deal with the zero-day bugs; typically, the Cupertino, Calif. computer maker refuses to comment on unresolved or unpatched security vulnerabilities.

Mac OS X Hit By 6 New Zero-Day Bugs - Friday, April 21, 2006 -


© 2006 What's New