Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mac OS X Struck By Severe Security Hole

Posted by ryuzaki0 on from the bend-over-everyone dept.

An anonymous reader writes "Macworld is reporting about a new security hole in Mac OS X that can be exploited to compromise a system if the user simply visits a web site with Safari. Currently, no vendor patch is available. Secunia has a demonstration of the vulnerability and suggestions for temporary workarounds."

4 of 559 comments (clear)

  1. Re:The malicious website in question? by GmAz · · Score: 0, Troll

    HA HA HA...oh wait, that auctually isn't very funny at all, in fact, its rather repetitive and really used up. Try something new for once.

    --
    Click Click Bloody Click PANCAKES!
  2. It's the 'virus' stupid... by djrogers · · Score: 0, Troll

    This 'discovery' by secunia is nothing more than a retelling of how the 'first mac osx virus' was spread last week. Nice job secunia - wait for a virus/worm/trojan, get yourself infected, then tell the world how it happened and claim it as your own 'research'. Typical media hype...

    --
    Think outside the... Hey, where'd the friggin' box go?
  3. Re:Apple, innovative? by hunterx11 · · Score: 0, Troll

    It is true that Apple really invents very little, but what they do instead is to take innovations and package them in a form available to (and desired by) consumers. Apple did not invent the GUI, nor USB, nor Unix, nor the mp3 player, nor online music distribution, nor home movie editing. However, they were the first to deliver some of these thing consumers (GUI, USB), and are the most successful in the rest. Edison didn't come up with the light bulb, nor Bell with the telephone, but we recognize their accomplishments. "Innovating" is probably an inaccurate term, though; I think, "pushing the envelope" would be better.

    --
    English is easier said than done.
  4. Re:Security fix out allready! by tpgp · · Score: 0, Troll

    Last bit first: However, I doubt you'll admit you were wrong and that you totally misread my post.

    *sighs* Sheer arrogance.

    To reply to your post in general terms:

    1) Your original post made it sound like a changed icon/social engineering trick. Adding a single word 'also' does not mitigate that.

    2) You repeat that this is what you do for a living (post on slahdot?). Congratulations. Being a computer professional does not make you special on slashdot.

    3) Your closing argument (paraphrased): when the vulnerability is fixed, it will come down to social engineering. Ummmmmm OK - thats true I guess (shrugs). My point was Ubuntu (and all other linux distros I'm aware of) do not do the script auto-execution (of malformed, or otherwise) of which you speak. Prior to hearing of this, I thought neither did OS X

    --
    My pics.