--On Thursday, March 02, 2006 08:57:18 +1100 [EMAIL PROTECTED] wrote:
Sorry to spoil everyone's fun.
<http://docs.info.apple.com/article.html?artnum=303382>
Maybe, just maybe, Apple are actually better (able/positioned) to
respond quickly to vulnerabilities before the exploits in-the-wild
affect more than 50 people? Who knows.
It doesn't look like it. They seem to have addressed the vulnerability as
it applies to Safari, but not the underlying vulnerability. If I send you
an email, with a zip attachment (naming and extension is irrelevant), and I
can get you to attempt to open the attachment (fairly trivial with many
users), I can execute abitrary code on your machine. The only
"restriction" is that, if I attempt to execute code that requires admin
privileges, I'd have to convince you to type in your password (again,
fairly trivial for most users.)
So, Apple hasn't fully addressed this problem yet. (Trust me, I've tested
it.) If you are responsible for Macs and you haven't read this yet, you
need to:
<http://isc.sans.org/diary.php?storyid=1138&rss> (Don't click the PoC link
if you're using a Mac!)
Paul Schmehl ([EMAIL PROTECTED])
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/ir/security/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
