Tag Archives: Mac OS X

Apple patches Flash security vulnerability in Snow Leopard

Filed under Security News
Apple has updated Snow Leopard, its just-released operating system, to replace the older version of Adobe Flash Player that shipped with the OS and carried known security vulnerabilities.

Apple published the update, Mac OS X v10.6.1, to bring Snow Leopard’s version of Flash up to 10.0.32.18, the latest and most secure version. Security researchers had warned that using the older version of Flash left Mac users vulnerable to malware attacks.

"Multiple issues exist in the Adobe Flash Player plug-in, the most serious of which may lead to arbitrary code execution when viewing a maliciously crafted website," Apple said in its security bulletin.

Flash is responsible for running much of the video and animated content on websites.

Users can install the update from the Software Update window: select the items to install and click Install.
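Whether the update has actually been applied is easy to confirm by reading the version the Flash plug-in itself reports. The following Python script is an added example, not Apple's or Adobe's code: it assumes Flash is installed as a browser plug-in bundle whose Info.plist records its version in CFBundleVersion (the path used is an assumption), parses a constructed sample plist so it runs offline, and compares dotted versions numerically against 10.0.32.18, which a plain string comparison gets wrong.

```python
"""Check whether the installed Flash Player plug-in is at least the version
carried by Mac OS X v10.6.1. Added example, not Apple's or Adobe's code."""
import plistlib
from pathlib import Path

FIXED_VERSION = "10.0.32.18"  # version Apple shipped in Mac OS X v10.6.1

# Assumed bundle layout: Flash installs as a browser plug-in whose Info.plist
# records the version in CFBundleVersion. The path is an assumption, not from the page.
PLUGIN_PLIST = Path("/Library/Internet Plug-Ins/Flash Player.plugin/Contents/Info.plist")

# Constructed sample Info.plist with an older version string, for offline runs.
SAMPLE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>CFBundleIdentifier</key>
  <string>com.example.flashplugin</string>
  <key>CFBundleVersion</key>
  <string>10.0.23.1</string>
</dict>
</plist>
"""


def parse_version(text):
    """'10.0.32.18' -> (10, 0, 32, 18); anything non-numeric raises ValueError."""
    return tuple(int(p) for p in text.strip().split("."))


def compare_versions(a, b):
    """Return -1, 0 or 1. Shorter tuples are zero-padded so 10.0 == 10.0.0.0, and
    the comparison is numeric, so 10.0.32.18 > 10.0.4.1 (a string compare gets that wrong)."""
    va, vb = parse_version(a), parse_version(b)
    width = max(len(va), len(vb))
    va += (0,) * (width - len(va))
    vb += (0,) * (width - len(vb))
    return (va > vb) - (va < vb)


def plugin_version(plist_bytes):
    """Read CFBundleVersion from Info.plist contents (XML or binary plist)."""
    return str(plistlib.loads(plist_bytes)["CFBundleVersion"])


def is_patched(plist_bytes, minimum=FIXED_VERSION):
    """True when the plug-in version is at or above the version 10.6.1 delivers."""
    return compare_versions(plugin_version(plist_bytes), minimum) >= 0


def check_installed(path=PLUGIN_PLIST):
    """Check the plug-in actually installed on this Mac; None if Flash is absent."""
    if not path.exists():
        return None
    return is_patched(path.read_bytes())


if __name__ == "__main__":
    print("sample plug-in is patched:", is_patched(SAMPLE_PLIST))
    print("installed plug-in is patched:", check_installed())
```

Run on a Mac it inspects the real plug-in; anywhere else it only evaluates the constructed sample. The same numeric comparison serves for any other bundled component whose fixed version Apple names in a bulletin.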

Early reports from Snow Leopard users described compatibility problems with some HP printers. The 10.6.1 update fixes those and includes fixes for other minor problems, CNET News reported.

Will Mac OS X 10.6 Snow Leopard include antivirus protection?

Filed under Security News
Mac OS X 10.6 Snow Leopard, the newest version of the Mac operating system that goes on sale Friday, may contain an antivirus scanner application, according to several security blogs that cover Macs.

The speculation was prompted by a screenshot that appears to show an antivirus scanner on Snow Leopard detecting a Trojan downloaded through the Safari web browser. The scanner identifies the Trojan as OSX.RSPlug.A.

OSX.RSPlug.A, also known as OSX/Puper, has been seen by security researchers disguised as an installer for a product called Mac Cinema; once run, it attempts to download further malware.

According to researchers at McAfee, the attack arrives as a disk image that launches an installer for the bogus Mac Cinema software. When the installer finishes, it has left behind a malicious script file named AdobeFlash.

Other Mac malware, known as Jahlav, has been seen in the wild posing as pirated versions of legitimate applications.

The Jahlav Trojan changes the Mac's DNS settings, handing name resolution to the attacker, so that victims can be sent to phishing pages or silently redirected to websites hosting exploits, Trend Micro reported on its malware blog.
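A DNS changer like Jahlav leaves a visible trace: a resolver address that came from neither the local router nor the ISP. The Python script below is an added example, not Trend Micro's or Apple's code. It parses the output of `scutil --dns`, the command that prints the resolver configuration on Mac OS X, from a constructed sample (the 203.0.113.53 address is a documentation address standing in for an attacker's resolver) and flags any nameserver that is neither on a local network range nor on an explicit allow-list.

```python
"""Flag DNS resolvers on a Mac that are neither on the local network nor on an
explicit allow-list, by parsing `scutil --dns` output. Added example, not Trend
Micro's or Apple's code."""
import ipaddress
import re
import subprocess

# Ranges a home or office Mac normally gets its resolver from (RFC 1918,
# loopback, link-local, ULA). An unexpected public address is the signature
# of a DNS changer.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "::1/128", "fe80::/10", "fd00::/8",
)]

NAMESERVER_RE = re.compile(r"^\s*nameserver\[\d+\]\s*:\s*(\S+)", re.MULTILINE)

# Constructed sample of `scutil --dns` output. 203.0.113.53 is a documentation
# address standing in for an attacker-controlled resolver; it is not from the page.
SAMPLE_SCUTIL = """DNS configuration

resolver #1
  search domain[0] : example.net
  nameserver[0] : 192.168.1.1
  nameserver[1] : 203.0.113.53
  if_index : 4 (en0)
  reach    : 0x00020002 (Reachable,Directly Reachable Address)

resolver #2
  domain   : local
  options  : mdns
  timeout  : 5
  order    : 300000
"""


def parse_nameservers(scutil_output):
    """Every nameserver address in the output, in order, without duplicates."""
    seen = []
    for addr in NAMESERVER_RE.findall(scutil_output):
        if addr not in seen:
            seen.append(addr)
    return seen


def unexpected_resolvers(nameservers, allowed=()):
    """Resolvers that are neither local nor in `allowed` (addresses or CIDR blocks)."""
    allowed_nets = [ipaddress.ip_network(a, strict=False) for a in allowed]
    flagged = []
    for ns in nameservers:
        ip = ipaddress.ip_address(ns.split("%")[0])  # drop an IPv6 scope id such as %en0
        if any(ip in net for net in LOCAL_NETS + allowed_nets):
            continue
        flagged.append(ns)
    return flagged


def live_check(allowed=()):
    """Run scutil on this Mac and return any resolver that should not be there."""
    out = subprocess.run(["scutil", "--dns"], capture_output=True, text=True, check=True).stdout
    return unexpected_resolvers(parse_nameservers(out), allowed)


if __name__ == "__main__":
    print("sample:", unexpected_resolvers(parse_nameservers(SAMPLE_SCUTIL)))
    print("this Mac:", live_check())  # pass your ISP's resolvers in allowed=[...] if they are public
```

A DNS changer that points the Mac at a private address, for instance a compromised router, passes this check unnoticed; on a network whose resolver addresses are known, list them in `allowed` and trim LOCAL_NETS to the loopback entries only.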

Mac OS X 10.5.8 fixes 18 security flaws

Filed under Security News
Apple on Wednesday released Mac OS X 10.5.8, a new version of its Leopard operating system, which fixes 18 security vulnerabilities, including flaws in the handling of maliciously crafted images and compressed files that could let an attacker take control of the system.

A stack buffer overflow exists in the handling of Canon RAW images that could lead to an unexpected application termination or arbitrary code execution, Apple said in its security release. For Mac OS X v10.4 systems, this issue is already addressed with Digital Camera RAW Compatibility Update 2.6.

The update also fixes several flaws in ImageIO triggered by maliciously crafted OpenEXR and PNG images, which a remote attacker could use to execute arbitrary code.

Also fixed are a flaw in XQuery's handling of maliciously crafted XML content and a kernel flaw in the handling of malicious AppleTalk response packets, either of which may lead to arbitrary code execution.

The update contains several non-security bug fixes and brings the bundled Safari web browser to version 4.0.2.

Trojan malware ‘Puper’ targets Macs

Filed under Security News
Security researchers have spotted a Trojan called Puper that poses as an installer for a product called Mac Cinema and attempts to download other malware.

According to researchers at McAfee, the attack arrives as a disk image that launches an installer for the bogus Mac Cinema software. When the installer finishes, it has left behind a malicious script file named AdobeFlash.

The malicious script launches itself every five hours and attempts to download and launch other malware, McAfee reported.

Last month, researchers at Sophos spotted a similar Mac Trojan, called Jahlav, posing as a video codec. It was served from what appeared to be a pornography site that told visitors to download the file before they could watch the video.

Graham Cluley, senior technology consultant for Sophos, said Mac users need to be aware that they are not immune from the threat of viruses, even though most hackers target Windows users.

"Some Mac users may have thought that it was safe to surf for porn on their Apple Mac, but they were wrong," he said.

Apple issues security fixes in Safari 4.0.2

Filed under Security News
Apple pushed out an updated version of its web browser, Safari 4.0.2, on Wednesday. The update includes two fixes for web security flaws that the company said could lead to cross-site scripting and arbitrary code execution.

The update, for Mac OS X 10.4 and 10.5, Mac OS X Server 10.5, and Windows XP and Vista, improves the stability of the Nitro JavaScript engine and includes the latest compatibility and security fixes.

Apple's security notes said that an issue in WebKit's handling of the parent and top objects may result in a cross-site scripting attack when visiting a maliciously crafted website.

The other WebKit fix addresses a memory corruption issue in the handling of numeric character references, which could lead to unexpected application termination or arbitrary code execution when visiting a malicious site, Apple said.
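Apple's note gives no detail on the numeric-character-reference bug, so nothing here reproduces it. What follows is an added illustration, in Python and not WebKit's code, of the checks such a decoder needs before it uses the value it parsed: a cap on the number of significant digits so that an accumulator in a native implementation cannot wrap, rejection of values above U+10FFFF and of surrogate code points, and replacement of invalid references with U+FFFD rather than passing a bad code point downstream.

```python
"""Decode HTML numeric character references (&#NNN; and &#xHHHH;) with the
range checks a decoder needs before it uses the value. Added example of the
input-validation class; not WebKit's code and not the bug Apple fixed."""
import re

MAX_CODEPOINT = 0x10FFFF
# 0x10FFFF needs at most 7 decimal or 6 hex digits, so anything longer cannot be
# valid; a native decoder must stop here instead of letting its accumulator wrap.
MAX_DIGITS = 8
NCR_RE = re.compile(r"&#([xX][0-9A-Fa-f]+|[0-9]+);")
VALID_DIGITS = {10: re.compile(r"[0-9]+"), 16: re.compile(r"[0-9A-Fa-f]+")}


def decode_ncr(body):
    """Code point named by the reference body ('x41' or '65'), or None if invalid."""
    if body[:1] in ("x", "X"):
        digits, base = body[1:], 16
    else:
        digits, base = body, 10
    if not VALID_DIGITS[base].fullmatch(digits):
        return None  # empty, or contains a non-digit (int() alone would accept '1_0')
    digits = digits.lstrip("0")  # leading zeros carry no value and must not defeat the cap
    if len(digits) > MAX_DIGITS:
        return None
    cp = int(digits, base) if digits else 0
    if cp == 0 or cp > MAX_CODEPOINT or 0xD800 <= cp <= 0xDFFF:
        return None  # NUL, beyond Unicode, or a lone surrogate: not a valid character
    return cp


def decode_ncrs(text, replacement="\ufffd"):
    """Replace every numeric character reference in text; invalid references
    become U+FFFD instead of being passed through or yielding a bad code point."""
    def substitute(match):
        cp = decode_ncr(match.group(1))
        return replacement if cp is None else chr(cp)
    return NCR_RE.sub(substitute, text)


if __name__ == "__main__":
    for sample in ("&#x41;&#66;", "&#x110000;", "&#xD800;", "&#0000000065;"):
        print(repr(sample), "->", repr(decode_ncrs(sample)))
```

The digit cap is the check that matters most in C or C++, where the accumulated value lives in a fixed-width integer; Python integers cannot overflow, so here the cap only keeps the decoder honest about the same limit.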

The earlier version of Safari 4 contained bugs that caused it to crash for many users, according to posters at Apple's Safari forum.

One poster wrote: "OK I've had it with this new safari, it's complete pants!"

Apple fixes Java security flaw for Mac OS X

Filed under Security News
Apple patched 32 vulnerabilities in multiple versions of Java used in Mac OS X 10.5 and Mac OS X 10.4, more than six months after Sun Microsystems fixed the same flaws for Windows and Linux platforms.

The company acknowledged that some of the flaws could be used by remote attackers to take control of Macs. "Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution," the company said in its security bulletin.

Because Apple ships its own port of Java for Mac OS X rather than Sun's builds, fixes that Sun has already released often reach Mac users months later.

Last month, Landon Fuller, a former Apple employee, published a proof-of-concept exploit for a Mac Java vulnerability on his blog, explaining that "it seems that many Mac OS X security issues are ignored if the severity of the issue is not adequately demonstrated."

As the vulnerability had been public knowledge for six months, "I have decided to release my own proof of concept to demonstrate the issue," Fuller wrote.

Mac users targeted by porn site malware

Filed under Security News
A web security firm has spotted two new malware attacks that target Mac OS X and Windows users who visit a website that presents itself as a portal for porn videos.

The site shows a pop-up telling visitors they need to download a plug-in to watch the videos; clicking it downloads the malware.

Sophos said on its blog yesterday that it spotted two versions of this malware, one of them built specifically for Mac OS X. Graham Cluley, senior technology consultant for Sophos, said Mac users need to be aware that they are not immune from the threat.

"Some Mac users may have thought that it was safe to surf for porn on their Apple Mac, but they were wrong," he said.

The booby-trapped websites determine whether the visitor's browser is running on Windows or Mac OS X and serve the malware built for that operating system, Cluley said.

Porn sites seem to be a favorite among cybercriminals for spreading malware. Last month, a security firm found close to 5,000 videos on YouTube with malicious links in the comments offering to take users to porn sites that contained malware.

Apple fixes security bug identified in Mac hacker book

Filed under Security News
Apple on Monday released patches for 10 security holes in QuickTime 7.6.2 for Windows and Mac OS X, and one patch for a flaw in iTunes 8.2. One of the QuickTime flaws had already been disclosed, in outline, in a book on Mac hacking published in March.

All of the critical vulnerabilities were described as allowing "arbitrary code execution," which, if exploited, could let an attacker take control of the PC or Mac. Unlike some other vendors, Apple does not assign severity ratings to the flaws it fixes.

Security experts said the QuickTime vulnerabilities were primarily file format parsing bugs, but they include one flaw that was identified in The Mac Hacker's Handbook, the book released in March by security researchers Charlie Miller and Dino Dai Zovi.

Miller said the book gives instructions that would let a reader find the bug, although he did not publish a proof-of-concept, according to PC World.

"If you followed all the steps [in the book] you would find ... the bug," Miller told PC World yesterday. "I didn't show the bug, but I gave the recipe for how to find it."

The bug is in the way QuickTime parses image files in the JPEG 2000 (JP2) format.

Miller, who won the Pwn2Own hacking contest at the CanSecWest conference, gave the exploit code for the JP2 flaw to Apple's security team after he disclosed that the book partially revealed it, according to PC World.