Wednesday, November 22, 2006

Mac OS X Zero-Day Exploit

Whether it is because there are fewer Mac users and thus a smaller target or because it is more difficult to target, few vulnerabilities are reported on Macs. As David Utter reported in Mac OS X Receives Unwanted Attention:

". . . To compromise a Mac, the user must be enticed into clicking a link in Safari to a malformed image.

Should this happen, the exploit corrupts memory and could lead to the execution of arbitrary code on the now-compromised system. Safari users can avoid this worry by deactivating the preference permitting "safe" files from being opened after download. "
Safari users could also try an alternative browser if this continues to be problemmatic.

No comments: