Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mac OS Auto-Execution Vulnerability

Posted by pudge on Wednesday February 27, 2002 @11:15PM from the mac-os-is-like-so-insecure-and-stuff dept.

iGawyn writes "As reported in this BugTraq post, Mac OS and Mac OS X (via Classic) are both subject to an auto-execution vulnerability. In short, the poster says that various web browsers can automatically download a disk image containing malicious code and run it without ever telling the user. vm_converter made a test page to demonstrate the vulnerability." Yes, this is a nice variation on a theme. The lesson is: don't ever have "CD-ROM AutoPlay" turned on in your QuickTime preferences.

1 of 20 comments (clear)

Min score:

Reason:

Sort:

I think by 90XDoubleSide · 2002-02-28 05:57 · Score: 4, Interesting

we should give Apple a little credit for removing CD-ROM autoplay in OS X (which only allows you to turn on autoplay of audio CDs and DVDs). Followed swiftly by a slap on the wrist for not removing it from the latest builds of 9 an leaving X vulnerable through classic, of course:)

--
"Reality is just a convenient measure of complexity" -Alvy Ray Smith