A new critical threat to Apple's OS X operating system has surfaced that could
allow attackers to compromise systems without any user interaction.
The flaw affects the way OS X handles metadata for Zip archives. The
application considers the files to be safe and will automatically open them,
allowing attackers to embed script code that the OS will execute without the
user's knowledge.
Attackers could exploit the vulnerability to install software such as spyware
or rootkits.
A system could become infected when users visit specially crafted websites or
when saving any infected Zip archive. The attack requires no user interaction
and uses the Terminal application, which is the OS X command shell.
Users of older versions of the operating system will first receive a warning
asking whether they wish to execute the applications, but Apple removed this
feature in the current 10.4 version of the operating system.
Security firm Secunia gave the flaw its highest rating of 'extremely critical',
and said in an advisory that users can neutralise the threat by disabling the
auto-run feature in the Safari browser.
But the SANS Internet Storm Center later issued a warning that this workaround
will not fully protect users.