All the latest UK technology news, reviews and analysis

Mac Mail flaw resurfaces in Leopard

by Shaun Nichols

More from this author

21 Nov 2007

Be the first to comment

  • Tweet this
Leopard
The vulnerability lies in the way Mail handles image attachments

Researchers have reported a vulnerability in Apple's Leopard operating system that the company had already patched.

Heise Security said in a news posting that it had found the flaw in Apple's Mail application.

Further reading

The vulnerability lies in the way Mail handles image attachments. An attacker could take executable code and rename it as a .jpg file. Mail would then run the code without the user even being aware that an application had been started.

This could allow an attacker to distribute malicious code to users disguised as an image attachment.

Heise Security said that, while the unpatched vulnerability is unique to Apple's latest operating system, it is hardly new.

Apple patched the same flaw for Leopard's predecessor, MacOS 10.4 Tiger, in early 2006. When a user attempts to open the attachment in Tiger, a warning is displayed that the file is an executable and not an image.

"Apple apparently either did not incorporate this update into Leopard, or did not do it correctly," said Heise Security.

The security firm has set up a webpage which sends the user an email to test for the vulnerability.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Operating Systems

ZTE Light Tab II Android tablet

ZTE unveils Light II Android tablet for UK market

Related white papers

Related articles

Related jobs

Today's top stories

Web blocking. Content owners want to stop copyright infringement

Music file-sharing site taken offline by UK Serious Organised Crime Agency

Mozilla Firefox logo

Mozilla adds Android and security updates to Firefox roadmap

Acer Aspire S3 Ultrabook

Acer Aspire S3 ultrabook review

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Java developer (J2EE/Web) - Nr Warrington (off M6)

Java / J2EE analyst programmer with experience of building...

Crystal Reports Developer London or Dublin £340 per day

Crystal Reports Developer London or Dublin £340 per day...

Systems Administrator

Our client is a major Broadcasting company seeking a...

Support Engineer - Linux/ Windows

Support Engineer required to work for leading Online...

To send to more than one email address, simply separate each address with a comma.