Vulnerability Exploit for Snow Leopard
Last Updated: 2012-05-05 18:05:45 UTC
by Tony Carothers (Version: 1)
Today there was a brief discussion among a few Handlers regarding the vulnerability reported by Microsoft in March. The discussion was not so much on the fact that there was an exploit for a Mac OS, or that it was published by Microsoft. The discussion was focused on the sense of complacency that has seemed to develop around Mac products where security is concerned.
Looking back to 2001, Larry Ellison proudly proclaimed Oracle was ‘unbreakable’. (That statement proved to be untrue, and the hacking community gladly pointed that out to Oracle very quickly.) He most likely based his statement on the fact that there were no known vulnerabilities in the database application at the time. And, at that moment in time, it may have been true. But time marches on...
While the Mac operating systems may not have the number of vulnerabilities that exist in other operating systems, vulnerabilities do exist, and it is only a matter of time before they play out in public. We as security professionals would be wise to look at the history of end-user platforms and plan accordingly. It is only a matter of time: as the exposure of these systems increases, the number of reported vulnerabilities will increase.
Thoughts?
tony d0t carothers - gmail
Comments
> Yes."
And a PC is safe from Mac viruses. That's because a Mac cannot open a .EXE and a PC cannot open a .DMG.
Neither is safe from multi-platform malware that exploits a common multi-platform application vulnerability such as Flash/Java and contains two different payloads, one of which is deployed dependent on which platform has been compromised.
- http://atlas.arbor.net/briefs/index#-1272909644
Severity: Elevated Severity
Published: Monday, April 30, 2012 16:24
Oracle is now providing a direct version of Java to OSX users.
Analysis: This is a positive development that will hopefully reduce OSX malware. The lag in patch time between Oracle and Apple has been a thorn in the side of security for some time and the pain of the recent Flashback trojan, the SabPub trojan, and now another OSX malware using the same Java security hole has been significant enough that users should migrate towards Oracle Java as soon as possible. Cyber criminals are aware that OSX is a viable platform for malware, and will have their eyes open for other gaps in coverage...
Of course I agree that the answer to "Does a Mac running IOS prevent MS Windows binary malware from executing?" is yes.
However, if you read the answer to the "FAQ", an experienced reader can see that the question "Is a Mac safe from PC viruses?" is deliberately marketing speak targeting noobs. The intended audience will interpret this FAQ as "Is a Mac invulnerable to malware?".
In the college my wife works at, all pupils and staff are switching from PCs running Windows to MacBook Pros. Why? Because supposedly there is no malware for Macs.
Brian Krebs wrote an article back in 2006 titled "Bringing Botnets Out of the Shadows" which mentioned a botnet I was doing research on that consisted of Linux and Mac systems. The mere mention of this caused a firestorm, to say the least. The complaints were coming from those that can be considered "fans" of their products.
The funny thing? The very computers they typed their outrage on are now vulnerable to the Java exploit, forever until the end of time. :) Oh, the irony.
Denying the possibility of security vulnerabilities for Mac systems is dangerous to their end users (which of course, includes me).
http://www.zdnet.com/blog/bott/oxford-university-it-staff-somewhat-overwhelmed-by-mac-malware/4937
> Is a Mac safe from PC viruses?
> Yes.
Agreed, some text follows that puts things in perspective. However the ending sentences
> And Apple continually makes free security updates available for Mac owners. You can even have them download automatically.
make me wonder when Apple wrote this.
Regarding Oracle: published vulnerabilities go back to at least 1996, see http://catless.ncl.ac.uk/Risks/17.88.html#subj8 (source: Google cache of attrition.org which appears to be down, or visit http://web.archive.org/web/20110624233211/http://attrition.org/security/rant/oracle01/ ).