Slashdot Mirror

← Back to Stories (view on slashdot.org)

Worm Threat Forces Apple To Disable Software?

Posted by Zonk on from the batten-down-the-hatches dept.

SkiifGeek writes "After the debacle that surrounded the announcement and non-disclosure of a worm that targets OS X, the vulnerability in mDNSResponder may have forced Apple to remove support for certain mDNSResponder capabilities with the recently released Security Update 2007-007. 'Seeming to closely follow the information disclosed by InfoSec Sellout, Apple's mDNSResponder update addresses a vulnerability that can be exploited by an attacker on the local network to gain a denial of service or arbitrary code execution condition. Apple goes on to identify that the vulnerability that they are addressing exists within the support for UPnP IGD... and that an attacker can exploit the vulnerability through simply sending a crafted network packet across the network. With the crafted network packet triggering a buffer overflow, it passes control of the vulnerable system to the attacker. Rather than patching the vulnerability and retaining the capability, Apple has completely disabled support for UPnP IGD (though there is no information about whether it is only a temporary disablement until vulnerabilities can be addressed).'"

8 of 201 comments (clear)

  1. *Pulls out a plate 'o crow* by Anonymous Coward · · Score: 5, Funny

    Come here Apple fanboys-and-girls. Lunch is served.

    1. Re:*Pulls out a plate 'o crow* by teknopurge · · Score: 3, Funny

      I wonder who wrote the UPnP spec - perhaps they are the ones at fault? (*cough*BILL GATES' University of chair-throwing throwers*cough*)

      --
      Website Hosting
    2. Re:*Pulls out a plate 'o crow* by joeytmann · · Score: 2, Funny

      GO APPLETALK!

      --
      Insert funny smart-ass comment here.
  2. ITS A LIE by Conor+Turton · · Score: 3, Funny

    I'm sorry but the article must be a lie. The Apple fanboys assure me that there's no risk of vulnerabilities. Therefore, the article is wrong - it does not exist.

    --
    Conor "You're not married,you haven't got a girlfriend and you've never seen Star Trek? Good Lord!" - Patrick Stewart
    1. Re:ITS A LIE by weak* · · Score: 3, Funny

      Mod parent up -- way to think different (tm).

      --
      The Schwartz space ain't from Spaceballs.
  3. Apple ... Worm by zariok · · Score: 5, Funny

    So an "apple" is threatened by a "worm"... you don't say.

    --
    -zariok-
  4. TV add by ax_1225 · · Score: 1, Funny

    Does this mean that the MAC guy from the TV add will get fired?

    1. Re:TV add by Farmer+Tim · · Score: 3, Funny

      "Hi, I'm a Mac"

      "And I'm a PC. Hey Mac, I heard you don't get viruses. Congratulations."

      *PC Shakes Mac's hand*

      "That's right, PC. But I do have worms."

      *PC starts wiping hand furiously*

      --
      Blank until /. makes another boneheaded UI decision.