Slashdot Mirror

← Back to Stories (view on slashdot.org)

Yet Another Mac OS X Protocol Handler Exploit

Posted by pudge on from the hooray dept.

Rosyna writes "Apple just can't get any breaks lately. First the help protocol handler exploit (which has been fixed), then the telnet handler exploit, and now an exploit for any arbitrary protocol handler: make your own, then exploit it. You can auto mount a volume in Mac OS X via the disk, afp, or ftp handlers (and probably others). Paranoid Android will help prevent exploitation until Apple fixes the problem." The hole here is that when a volume with an application on it is mounted, Apple registers the application's specified protocol handlers, without additional user action. Another option is to disable those handlers that allow volume mounting, but playing that game, obviously, isn't a guaranteed win in the long run.

10 of 155 comments (clear)

  1. MS influence? by Anonymous Coward · · Score: 5, Funny

    What'd they do, hire the security team away from Microsoft?

    1. Re:MS influence? by rspress · · Score: 4, Funny

      At Microsoft is one person considered a team?

  2. Fear Bill G, Fear! by Councilor+Hart · · Score: 4, Funny
    Wow, if I were Billy boy, I would start worrying now.
    First, there is al this talk of switching to linux.
    And now even the virus writers are starting to pay attention to something else besides windows.
    Finally the end is near.
    Goodbye Billy...

    On the other hand, I do use Mac OS X.
    D'Oh...

  3. Elegant troll by Anonymous Coward · · Score: 2, Funny

    I'd clap, but this is the internet.

    1. Re:Elegant troll by Anonymous Coward · · Score: 0, Funny

      Clap anyway if you like, no-one actually cares what you think.

  4. Re:As an Apple Afficionado, I'm delighted. by Anonymous Coward · · Score: 1, Funny
    not even close, not even on the same planet

    Well, to be fair, they are on the same planet.

  5. Re:How this hole was discovered by Anonymous Coward · · Score: 1, Funny
    Slashdot is not one person. Therefore there will be different opinions about things.

    It's not? But... but... I felt like we were really making a connection. I thought I was in love. *sob!* :'(

  6. The reaction of my friends by Go+Aptran · · Score: 4, Funny
    My Windows using friends keep calling and consoling me... I think they expect me to kill myself, or something.

    --

    "Under the spreading chestnut tree, I sold you and you sold me."

  7. "Yet another?" by mpwoodward · · Score: 2, Funny

    Yeah, and that brings the total number up to two or three exploits. Let's all just switch back to Windows--it's obviously a superior, more secure operating system!

    Nice freakin' headline.

  8. Re:As an Apple Afficionado, I'm delighted. by cosmo7 · · Score: 2, Funny

    here here

    bra veau!