A newly discovered vulnerability in OS X (the operating system for Mac computers) could provide hackers with the opportunity to infiltrate and install malicious software onto the machine.
This marks the third security issue following the emergence of two types of viruses targeting OS X last week. This indicates that Mac users are facing similar risks as Windows users.
The SANS Internet Storm Center warns: whenever you use Apple’s Safari web browser to visit a malicious website, the consequence could be rootkits or malicious code being installed on your machine without the user’s knowledge. Your machine could then be completely controlled remotely.
Apple has announced that they are developing a patch for this security flaw, though they have not provided a specific timeline.
The vulnerability was discovered by Michael Lehn and was first reported on the Heise Online website. Attackers only need to embed malicious code within a zip file and upload it to a website. The file and code will be executed whenever a user accesses the website using the Safari browser. This code is hidden within the metadata of the zip file. The danger lies in the fact that attackers do not need to send the zip file directly. As soon as a user accesses a website containing this file, the code is activated.
The culprit is the Mac OS Finder program, a component of the operating system that manages and views files. A file can disguise itself as safe and operate openly because of this.
Secunia rates this vulnerability as extremely serious. Even Symantec categorizes it in a similar manner. Mac users can protect themselves by disabling the “Open safe files after downloading” option in the Safari browser settings. Users of other browsers such as Firefox or Camino, while not directly attacked from the internet, can also compromise their own security by downloading and executing those zip files on their machines.
TRẦN HUY
