Mac Attack
p2pnet.net News:- A while back came the news that Microsoft is planning a 3D Longhorn. But only for some. The report didn’t say if you’d actually be able to see through Windows, or if e-bugs would continue to be able to crawl through.
See-through windows are already a Mac OS X feature to the extent Apple was/is thinking of patenting the idea.
But Apple has now become translucent in another sense, forcing it to post what amounts to a Big Mac Alert disguised as a Mac OS X update, “to address a theoretical vulnerability in the Help Viewer application that could have been exposed when browsing the web”.
‘Theoretical’ means no one has apparently exploited the vulnerability which, says Secunia, is actually two Mac OS X holes potentially capable of “allowing malicious web sites to compromise a vulnerable system”.
The problem, says Secunia, is that the “help” URI handler allows execution of arbitrary local scripts (.scpt) via the classic directory traversal character sequence using ‘help:runscript’ and:
“It is reportedly also possible to silently place arbitrary files in a known location, including script files, on a user’s system using the ‘disk’ URI handler.”
One of Apple Computer’s strengths has been that it hasn’t caught the eye(s) of the people who spend their time trying to prove they can get into anything, any time, and given this news of a Mac system security breach, there’s been surprisingly little ’shock horror’ media reaction to the story.
On the other hand Windoze (as Mac uses like to call Bill’s creation) faults show up all the time, garnering instant healines.
Up until now Apple’s claim to media fame has been the undisputed popularity of its iPod players which dominate Apple’s progress to the extent it’s started a division specifically to handle the iPod business.
But will Apple’s increasing profile plus the news that it is, in fact, vulnerable, equal a new reality – that it will now attract the attention of the hacking and/or e-virus breeding fraternities?
Stay tuned.
