Apple Has A Hole In Mac OS X
Apple has failed to fix a bug in its Mac OS X operating system that allows processes to bypass the sandbox protection in place.
The flaw was discovered by Anibal Sacco and Matias Eissler from Core Security Technologies. They let Apple know about the problem on 20 September, and while Apple acknowledged their submission, it said that it did not see any security threat, forcing the Core Security Technologies team to publish the report to the public this month.
The problem appears to be with the use of Apple events in several default sandbox profiles, including the no-network and no-internet ones. When Apple events are dispatched, a process can escape the sandbox, which could be exploited by hackers.
A compromised application restricted by the no-network profile could use Apple events to launch other applications that are not restricted by the sandbox and so gain access to network resources, which makes this a significant security threat.
Only the more recent versions of Mac OS X are vulnerable to this bug, including 10.5.x, 10.6.x, and 10.7.x. Those using 10.4.x are safe from the exploit.
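The escape described above comes down to a profile that blocks the network but still lets the sandboxed process send Apple events to unsandboxed applications. The two profile fragments below are an added illustration, not Apple's shipped no-network profile and not part of the original article: the profile names, the rule set, and the use of a `(deny network*)` rule next to Apple-event rules are assumptions chosen to show the weak configuration beside a hardened one in the sandbox profile language (SBPL) that `sandbox-exec` consumes.

```scheme
;; Constructed example: a "no-network" style profile that denies sockets
;; but says nothing about Apple events. A process confined by this profile
;; can still ask an unconfined application, via Apple events, to do its
;; networking for it, which is the gap the article describes.
(version 1)
(allow default)          ; everything not listed below is permitted
(deny network*)          ; no inbound or outbound sockets for this process
;; (no appleevent-send rule here: sending Apple events remains allowed)

;; Constructed hardened variant (assumed rule names): closing the gap means
;; treating Apple-event delivery as another channel out of the sandbox and
;; denying it alongside the network rule. Later rules win in SBPL, so the
;; deny rules must follow (allow default).
(version 1)
(allow default)
(deny network*)
(deny appleevent-send)   ; the confined process can no longer drive other apps
```

To check which behaviour a profile actually gives, run a test program under it with `sandbox-exec -f <profile.sb> <command>` and confirm that both a direct socket and an attempt to script another application are refused; a profile that only fails the first check still has the weakness described in the article.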
Apple Admits To Security Issues
Apple has finally acknowledged the problem and has promised an update for Mac OS X that will find and remove the MacDefender fake security software, and warn uninfected users when they download the infectious program.
The announcement — part of a new support document that the company posted late Tuesday — was the company’s first public recognition of the threat posed by what security experts call “scareware” or “rogueware.”
Apple has taken criticism for not publicly responding to the MacDefender threat.
“In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants,” Apple said in the document. “The update will also help protect users by providing an explicit warning if they download this malware.”
Apple also outlined steps that users with infected Macs can take to remove the scareware.
Andrew Storms, director of security operations with nCircle Security, was surprised that Apple said it would embed a malware cleaning tool in Mac OS X.
Apple Previews New Operating System
Apple today released a preview version of Mac OS X 10.7, also known as Lion, to developers, who can download the new operating system from the Mac App Store.
The preview is developers’ first look at the upgrade scheduled to reach consumers sometime this summer.
Included in the preview, and to be bundled with the operating system when it ships, is Lion Server, Apple’s new server software. One analyst saw that move as an admission by Apple that it hasn’t been able to make inroads into the corporate server market.
“They’ve recognized they’re not going to break into the data center,” said Ezra Gottheil of Technology Business Research. “They’re admitting that what server sales they’ve made in the past have been to very small businesses.”
Currently, Mac OS X Snow Leopard Server is sold separately from the general-purpose edition for $499.
Late last year, Apple killed its Xserve line of rack servers, halting sales of the hardware on Jan. 31, 2011. Instead, Apple now steers customers toward Mac Pro and Mac Mini systems with Leopard Server pre-installed. The bundling of Lion Server with Mac OS X 10.7 will save customers hundreds of dollars, said Gottheil, assuming Apple sticks to its traditional $129 price point for Lion next summer.
“A very small server should cost about $700 [this summer], not the $1,000 [a server-equipped Mac Mini] costs now,” said Gottheil.