Latest in Apple

Image credit:

New OS X vulnerability found: worm released in lab?

Thomas Ricker, @trixxy
July 18, 2007
Share
Tweet
Share

Sponsored Links

Look, we're fine with Apple gloating about the security of OS X in their Mac vs. PC adverts. After all, we have yet to see a large-scale worm released into the Macintosh community. However, the fact that a worm hasn't been released on a Windows-esque scale likely has less to do with Apple's superior coding than the size of their market share, i.e., OS X is a smaller target. That might soon change, however. A vulnerability has reportedly been found and more importantly, exploited by an "independent researcher" known only as "InfoSec Sellout." Apparently, a previously undisclosed vulnerability in the OS X mDNSResponder (which Apple has patched before) allowed Sir Sellout to cobble together a worm dubbed "Rape.osx." InfoSec Sellout claims to have released the worm into a controlled environment thereby infecting a network of about 1,500 OS X systems by nabbing root and dumping a text file as an evidentiary foot print. However, the worm's author claims that it can be broadly weaponised with a payload of choice across both PPC and Intel-class Macs with just a bit more work. InfoSec Sellout will disclose the vulnerability to Apple only after his/her "research is complete" and after an appropriate level of compensation (er, InfoSec Ransom?) received. Dubious as that sounds, for better or worse, it's the way the game's currently played.

[Via Slashdot]



All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Share
Tweet
Share

Popular on Engadget

Peter Parker has been recast in ‘Marvel’s Spider-Man: Remastered’

Peter Parker has been recast in ‘Marvel’s Spider-Man: Remastered’

View
The Aura Strap adds new tricks to your Apple Watch

The Aura Strap adds new tricks to your Apple Watch

View
Here's everything Google announced at its Pixel 5 event

Here's everything Google announced at its Pixel 5 event

View
Windows 10 for ARM will support 64-bit x64 apps through emulation

Windows 10 for ARM will support 64-bit x64 apps through emulation

View
Google's 'Hold for Me' Assistant feature appears first on new Pixel phones

Google's 'Hold for Me' Assistant feature appears first on new Pixel phones

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr