Exploit Released For OS X Disk Image Flaw
On Tuesday, the Month of Kernel Bugs (MoKB) published details on a remotely exploitable vulnerability that affects the way OS X handles corrupted disk image (DMG) files. DMG files are commonly used for downloading and installing software.
The flaw can be exploited via the Safari Web browser to corrupt system memory and potentially allow an attacker to execute malicious code in kernel mode, said a security researcher who goes by the name of L.M.H. He discovered the flaw and published a proof-of-concept exploit on the project's Web site.
In an e-mail to CRN, L.M.H. outlined a scenario in which a Safari user would download an affected DMG file by clicking on a Web page link. If the user then mounted the DMG file by clicking on it, an attacker would have an open path to remotely exploit the vulnerability without having administrative access, he said.
At press time, Apple had yet to issue a fix for the vulnerability, which affects Mac OS X running on currently shipping Intel Macs with all patches up-to-date, according to a post on the MoKB blog.
Secunia, which rated the vulnerability as highly critical, or 4 on a 5-point scale, recommended that Safari users change their preferences to deactivate the option for automatically opening files after they are downloaded.
MoKB kicked off Nov. 1 with details of a vulnerability in the Apple Airport driver provided with Orinoco-based Airport cards that shipped with PowerBooks and iMacs from 1999 to 2003.
On Nov. 9, MoKB published details on a partially fixed vulnerability in the OS X kernel that prevents it from handling certain file types and could lead to an exploitable local denial-of-service issue.