Hi Ronni … and thank you once again,
I have not used the sleep function since I discovered that was ejecting my
Backup Drive.
I recall yourself or someone else at WAMUG suggesting that later iMacs sleep
using so little power that USB Hard Drives tend to eject because of this. The
suggestion was that HD manufacturers needed to catch up with Apple’s
technology. Unfortunately I am still waiting for that.
So I really just mentioned the Malware business in case others might not be
aware of it.
On 8 Jun 2015, at 8:00 am, Ronda Brown ro...@mac.com wrote:
Hello Stephen,
I don't think you need to unduly worry about this report, the original
mention of this came out over a week ago, and I'm sure Apple are aware of
this 'Report' and if necessary they would release a firmware and/or security
update.
If you feel more comfortable don't let your Mac go to sleep.
Or shutdown your Mac.
Symantec mention in their report:
Affected Mac users are advised to keep their software up to date since
remote exploit of this vulnerability needs to be performed in conjunction
with another vulnerability that will provide remote root access.
Updating software will prevent attacks using known exploits.
Symantec said there had been no reports of the vulnerability being exploited
in the wild. However, it did stress the likelihood of attacks
---
I tend to agree with jcrhunter comments, that this is a hypothetical problem.
Quote:
jcrhunter http://www.cnet.com/profile/jcrhunterJun 6, 2015
If I understand the statement from Symantec this vulnerability requires a
simultaneous root access vulnerability to exploit. The article states While
such (root) vulnerabilities are not widespread, they do emerge from time to
time but it doesn't state if there are any root access vulnerabilities at
the current time.
If you need two things to take over a Mac but only one exists then I don't
see how this is anything other than a hypothetical problem. It could be an
issue if there were also a root access exploit, but there's not so how is
this critical in the absence of root access? And if the attacker already
had root access wouldn't that be the bigger problem?
Cheers,
Ronni
Sent from Ronni's iPad4
On 7 Jun 2015, at 4:04 pm, Stephen Chape chap...@bigpond.com
mailto:chap...@bigpond.com wrote:
Should we be worried about this ?
http://www.cnet.com/news/symantec-confirms-existence-of-unpatched-rootkit-mac-security-flaw/?tag=nl.e703s_cid=e703ttag=e703ftag=CAD090e536
http://www.cnet.com/news/symantec-confirms-existence-of-unpatched-rootkit-mac-security-flaw/?tag=nl.e703s_cid=e703ttag=e703ftag=CAD090e536
Regards,
Stephen Chape
-- The WA Macintosh User Group Mailing List --
Archives - http://www.wamug.org.au/mailinglist/archives.shtml
Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml
Settings Unsubscribe -
http://lists.wamug.org.au/listinfo/wamug.org.au-wamug
Regards,
Stephen Chape
-- The WA Macintosh User Group Mailing List --
Archives - http://www.wamug.org.au/mailinglist/archives.shtml
Guidelines - http://www.wamug.org.au/mailinglist/guidelines.shtml
Settings Unsubscribe - http://lists.wamug.org.au/listinfo/wamug.org.au-wamug