Apple fixes Vulnerability in Mac OS
Apple Computer, maker of niche computers and portable music players, issued updates for its Mac OS X operating system on Tuesday, fixing 26 errors and vulnerabilities.
The Apple security advisory said the vulnerabilities mostly dealt with the way the operating system handled file-sharing and image manipulation. Alongside these, other problems were found within the DHCP networking functionality, file compression, and email systems.
Remote attackers can execute arbitrary code, trigger denial-of-service conditions, elevate privileges, and disclose potentially sensitive information, Symantec said in an advisory.
Malicious software developers could exploit these threats by making image or compressed files that resemble legitimate files. When unsuspecting users open the files, the code is then executed and the system is compromised. Apple reported that at that point, user files could be exposed, or the system could crash. In the worse case, the code could raise its permissions and access parts of the system commonly off limits.
Such tricks have commonly been used to attack computers based on other operating systems as well, including Microsoft's Windows.
Symantec said that it doesn't know of current attack code for any of the issues, though some may not require specific exploit code, the company said.
Apple has released Security Update 2006-004 to address the issues, available on their website. Users of the Mac OS X system are urged to upgrade as soon as possible to any exploitation.
The Cupertino Calif.-based company credits a number of researchers and experts who detected and reported the flaws.
© Copyright IBTimes 2024. All rights reserved.