Huge Mac OS X security flaw

Mac users need to take immediate notice: A newly disclosed hole in Mac OS X allows attackers to run scripts simply by loading a web page – regardless of your browser (Safari, IE, Firefox, etc). According to Jay Allen someone can delete every file you have permissions to delete. Jay is following it pretty closely, so Mac users check his site and read the comments for updates.

The easiest fix posted so far is for Mac users to:

  1. Uncheck ("Open "safe" files after download") in "Safari -> Preferences -> General" or disable automatic launch of downloads in your browser of choice.
  2. Do not surf the Internet as a privileged user.
  3. Download MoreInternet from MonekyFood and change your help: protocol.

If Jay says you have to do it now, you have to do it now, people. Do it.

Share on FacebookTweet about this on TwitterShare on LinkedInEmail this to someone

7 thoughts on “Huge Mac OS X security flaw”

  1. Yeah, unfortunately, So far, I can't even say that I don't know what I'm talking about or that I'm overreacting. I see the raw power of this exploit and if it isn't fixed, it will be exploited, whether it be on a wide-scale or to settle a personal grudge,

    I keep hoping that someone will come in and say "Hey, this isn't that big of a deal" and enumerate some smart and grounded reasons which will convince me that my understanding is wrong. I would happily eat crow and say I was an idiot if it meant that this bug wasn't very, very real.

    So far, nothing…

    And as easy as it is for someone to exploit this hole (that is now wide open and totally public, so you KNOW some damn script kiddie is going to just see what happens) it's even easier to protect yourself against it.

    I only worry about the people who don't see these posts and remain unrpotected. I suppose that — unless Apple figures out what to do and releases a security update containing a fix for this exploit — they'll probably find out about it on the front page of the New York times or their local paper or — worse — by clicking a link.

  2. Since the hole takes advantage of the help call, you have to change how that is handled in OS X. The app referenced in the post gives you control over all of those functions. Don't ask me how, mind you. Macs are too complicated and prone to security problems. 🙂

  3. The worse damage it could do would be pretty much wipe out your personal files, all the system files are owned by root and require a password. Guaranteed Apple will jump on it if its legit… usually their fixes are ahead of the curve.

  4. Unfortunately I don't think you are overreacting, Jay. That was one of the scariest things… clicking a link (a normal http:// link, nothing suspicious about it), then watching Help open, then watching Terminal open and the 'du' command executing. That can't be good.

  5. Pingback: KevinDonahue.com

Comments are closed.