New OS X vulnerability found: worm released in lab?
![](https://s.yimg.com/ny/api/res/1.2/taV3DuWNO7UHWF8IMh8UOQ--/YXBwaWQ9aGlnaGxhbmRlcjt3PTQyMDtoPTM2Mg--/https://s.yimg.com/uu/api/res/1.2/PHzWZTVyZN7HF.kX_soE5A--~B/aD0xOTg7dz0yMzA7YXBwaWQ9eXRhY2h5b24-/https://www.blogcdn.com/www.engadget.com/media/2007/07/apple_worm_230.jpg)
Look, we're fine with Apple gloating about the security of OS X in their Mac vs. PC adverts. After all, we have yet to see a large-scale worm released into the Macintosh community. However, the fact that a worm hasn't been released on a Windows-esque scale likely has less to do with Apple's superior coding than the size of their market share, i.e., OS X is a smaller target. That might soon change, however. A vulnerability has reportedly been found and more importantly, exploited by an "independent researcher" known only as "InfoSec Sellout." Apparently, a previously undisclosed vulnerability in the OS X mDNSResponder (which Apple has patched before) allowed Sir Sellout to cobble together a worm dubbed "Rape.osx." InfoSec Sellout claims to have released the worm into a controlled environment thereby infecting a network of about 1,500 OS X systems by nabbing root and dumping a text file as an evidentiary foot print. However, the worm's author claims that it can be broadly weaponised with a payload of choice across both PPC and Intel-class Macs with just a bit more work. InfoSec Sellout will disclose the vulnerability to Apple only after his/her "research is complete" and after an appropriate level of compensation (er, InfoSec Ransom?) received. Dubious as that sounds, for better or worse, it's the way the game's currently played.
[Via Slashdot]