DealsOnTheWeb Daily Deal: Free Shipping at Omaha Steaks on orders of $75 or More - Two Days Only!!!
Additional Details Emerge About Mac Hack
by , 3:10 PM EDT, April 25th, 2007
Additional details have been posted about the Macintosh compromise discovered last week at the CanSecWest 2007 Conference. The exploit involves a Java-enabled Browser plus QuickTime and was documented at the Secunia Website on Tuesday.
Without disclosing the "how," Mr. Dino Dai Zovi who was the developer of a prize winning exploit of Mac OS X -- when connected to an external URL via Safari -- posted formal information about the exploit.
"The vulnerability is caused due to an unspecified error within the Java handling in QuickTime. This can be exploited to execute arbitrary code when a user visits a malicious web site using a Java-enabled browser e.g. Safari or Firefox," the advisory said.
The severity was rated as "Highly Critical." The advisory noted that other Browsers and platforms may also be affected.
Observer Comments
Wed Apr 25, 2007 7:07 pm Subject: Highly Critical?
QuoteGuest wrote:
My understanding of the exploit is that it gives a remote user logged-in user priviliges, not root. Why would that be highly critical?
It might allow the perpetrator to do damage--overwriting files, for example. It's yet another reason that a lot of experts advise running in a "standard" user mode, rather than administrator mode.
Thu Apr 26, 2007 12:00 am Subject: Turn off Java
Recent Headlines - Updated Saturday, November 29th, 2008
- Sat., 9:00 PM
- Podcast - Apple Weekly Report #135: Apple Lawsuits, Banned iPhone Ad, Green MacBook Ad
- Fri., 12:45 PM
- Podcast - Mac Geek Gab #178: Batch Permission Changes, Encrypting Follow-up, Re-Enabling AirPort, and GigE speeds
- Thu., 1:30 PM
- iPO Review - Scosche kickBACK iPhone case
- 7:00 AM
- Happy Thanksgiving from TMO!
- Wed., 6:00 PM
- TMO Appearances - Nancy Gravley Joins MacJury Gift Guide
- 5:15 PM
- TMO Visits The Bay, a Premium Apple Reseller in New Zealand
- 3:25 PM
- iPO Oh the Games You'll Play - iPhone: The Wii of Handheld Gaming Devices?
- 2:15 PM
- Sonnet Releases Simply Fast FireWire 800 to 400 Adapter
- 1:10 PM
- Mac Gaming News - Disney Plans 1st Annual PotC Online Thanksgiving Event
- 12:05 PM
- iPodObserver - UK Shuts Down iPhone 3G Ad
- 11:15 AM
- TMO Appearances - Jeff Gamet on MacJury Gift Guide
- 10:30 AM
- TMO Contest - TMO Announces Macworld Expo Pass Winners
- 9:50 AM
- PhotoCopy 1.1 Adds iPhoto Event Support
- 9:15 AM
- Acclivity Buys MYOB US
- 8:30 AM
- Review - Bento 2 Holiday Pack
- 7:50 AM
- Microsoft Offers Black Friday Office Discount
- 7:30 AM
- iPO Quick Tip - iPhone: Google Street View
The Mac Observer Reader Specials
- Download Typestyler, still the Ultimate Styling Tool for Internet, Print and Video Graphics. Works great in Classic with a Native OS X Version on the way. Free Tryout: www.typestyler.com
Seagate 1TB 7200.11 7200RPM/32MB Cache SATA Drive $112 Hitachi 320GB 7200RPM/16MB Cache 2.5" SATA Drive $96. Samsung 500GB 5400RPM/8MB Cache 2.5" SATA Drive $138. ATA-SATA Internal External Firewire Drives & More. Click to Maximize your Macs...
Mac observers can now play Party Poker for Mac as well as Mac casino games by going to MacPokerOnline.com.
RamJet Memory: Mac Pro FB-DIMMs: 2Gig kit $95, 4Gig Kit $179, 8Gig Kit $355! MacBook 2Gig Kit $78, 4Gig Kit $149! Click hereFor the latest Apple products use Ciao a comparison website to find laptops like MacBook Air. Then find the best prices on MP3 players and use our comparison tool to evaluate cell phones.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.
Marshmallow Popper Gun Shooter: $9.99 Delivered - Make the Yam Side Dish a Sporting Event 
OnSale's ThanksGiving Day/Black Friday Combo Sale - Turkey, Deals, and LeftOvers - The Holiday Trifecta! 
Fall Knuckle Deep into Dell Small Business's Black Friday Sale - Going on Now!!!!! 
File Your Nails Now - Overstock's Black Friday Sale is Coming! Get Great Gifts at Great Prices 
