Microsoft Brings Security Holes to the Mac

← Back to Stories (view on slashdot.org)

Microsoft Brings Security Holes to the Mac

Posted by pudge on Wednesday February 11, 2004 @08:38AM from the okay-that-is-unfair-but-so-are-their-business-practices dept.

eMilkshake writes "There is an MS security bulletin that reads, in part, 'A security vulnerability exists ... because of the method by which Virtual PC for Mac creates a temporary file when you run Virtual PC for Mac. An attacker could exploit this vulnerability by inserting malicious code into the file which could cause the code to be run with system privileges. This could give the attacker complete control over the system.' Guess VirtualPC really brings the Windows experience to the Mac!" An update is available from the Microsoft site. On the flip side: sking writes "Australian IT reports on Microsoft's continuing development for the Mac: 'I just want to thank Apple for providing all those great innovative technologies that let us do what we love best: creating great applications,' gushed head of Microsoft's Macintosh Business Unit Roz Ho."

5 of 76 comments (clear)

Min score:

Reason:

Sort:

Whoever picked that title is a horse's ass. by Elwood+P+Dowd · 2004-02-11 08:50 · Score: 4, Insightful

What Microsoft did was bring their huge audience to a security update for Connectix's tiny little program, VirtualPC. How much input do we really think that Microsoft had on this latest release of VirtualPC? Don't you really think that it was probably horked by the same programmers that would have horked it at the previous developer?

So, someone found the hole. Microsoft released the patch information to every person subscribed to their security lists. That's a lot of weenies. For all we know, if VPC hadn't become an MS product, the vulnerability would still be there, and *no* *one* would have heard about it, including the developers.

--

There are no trails. There are no trees out here.
1. Re:Whoever picked that title is a horse's ass. by pudge · 2004-02-11 08:59 · Score: 1, Insightful
  
  Elwood, lighten up. :-)
Re:Only a matter of time by Go+Aptran · 2004-02-11 09:25 · Score: 4, Insightful

Probably to prevent a Mac user from passing along a Windows virus to a friend who owns PC, by forwarding an infected email.

--
"Under the spreading chestnut tree, I sold you and you sold me."
Re:VPC Vunerabilities Aren't New by kinnell · 2004-02-11 09:54 · Score: 4, Insightful

The good news is that infections will only compromise the PC environment(s) in use. The Mac that is running VPC cannot be touched as it is effectively an invisible party to the VPC environments
Are you sure? The alert seems to imply that it can gain root access to the underlying system, not just the VPC environment.

--
If I seem short sighted, it is because I stand on the shoulders of midgets
Re:Only a matter of time by Go+Aptran · 2004-02-11 11:39 · Score: 4, Insightful

Ah...but in a business setting, you don't want to have Macs that are capable of passing along a virus or worm to your clients who might be running a PC. It looks very unprofessional.
Additionally, it might be easier to make the case for getting a Mac into a Windows office if you can point at the existence of current Anti-Virus software... at it makes the suits less nervous.

--
"Under the spreading chestnut tree, I sold you and you sold me."