blob: 0fbb796a2115969e51eed745a0accf949e8606fd (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
An anonymous hacker claims to have created a worm that targets Intel versions of Mac OS X. An unidentified researcher, using the moniker [Information Security Sellout][1] claims that s/he has developed the framework of a worm that [exploits a vulnerability in mDNSResponder][2], which is part of Apple's Bonjour network configuring service.
Apple recently patched mDNSResponder in a security update but InfoSec Sellout claims the patch did not address the flaw that this particular worm is targeting.
The worm, named Rape.osx by its author, is thus far unreleased and [the author tells ComputerWorld][3] that he will notify Apple of the vulnerability at some point.
However, as with many others, the author is reportedly tired of claims that OS X is more secure than other operating systems. "I do believe in being responsible and working with vendors," the author tells ComputerWorld, "but I also feel that some vendors need to be treated like children and learn lessons the hard way."
He goes on to add that "Apple has a very long way to go when dealing with security issues in their products."
While that's true (and really, what vendor doesn't have a long way to go when it come to security?), given the manner of announcing the worm and lack of details available, the announcement smacks of a bit of Mac fan-boy baiting.
Still, when and if the exploit is detailed and confirmed, it should serve as a wake-up call to Apple users who missed the last dozen or so wake-up calls -- no operating system is without flaws and vulnerabilities.
[1]: http://infosecsellout.blogspot.com/
[2]: http://www.securityfocus.com/bid/24924
[3]: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9027216&source=rss_news50
|
