Symantec warns of new proof-of-concept ‘trojan horse’ for Mac OS X 10.4.6

“Anti-virus maker Symantec Corp. is warning that it has detected a new piece of malware that tries to exploit a flaw in Mac OS X systems that Apple Computer Inc. released a software security update to fix just three days ago,” Brian Krebs reports for The Washington Post.

“‘OSX.Exploit.Launchd,’ is a ‘Trojan horse’ program that exploits a security hole in OS X’s ‘launchD’ service, which controls which programs should boot up whenever a user restarts a Mac. According to Symantec, this exploit provides the attacker root access — or total control — over any Mac system running OS X version 10.4.6 or earlier,” Krebs reports.

Full article here.

In an article breathlessly and hyperbolically headlined, “Attack code out for Apple flaw” Joris Evers reports for CNET News, “Attack code that exploits a flaw in Apple Computer’s Mac OS X was publicly released Wednesday, increasing the urgency to patch… On Tuesday, Apple delivered Mac OS X 10.4.7. The operating system update repairs a total of five flaws. Four of them affect both the client version of Mac OS X. The other, in the ClamAV antivirus software, has an impact on the server release.”

MacDailyNews Take: “Four of them affect both the client version of Mac OS X?” They can’t even write coherent sentences to support the FUD.

Evers presses on, “The exploit was created by Kevin Finisterre, a security researcher at Digital Munition. Earlier this year, Finisterre created the Inqtana worm, which targets Mac OS X and spreads using an 8-month-old vulnerability in Apple’s Bluetooth software (see Patched in mid-2005 by Apple, Symantec warns ‘Inqtana-A’ worm could be ‘beginning of a trend’ – February 20, 2006). His actions are in part to demonstrate that Apple software is not unbreakable, he has said.”

MacDailyNews Take: Ah, the wonderment! Behold the massive and unparalleled coding skill required to create proof-of-concept Mac OS X malware anytime after Apple discloses the flaw and fixes it.

Full article, along with Evers and CNET being appropriately schooled by the majority of their readers in the feedback section, here.

MacDailyNews Take: In related news, Biff Tannen found Marty McFly’s sports almanac that Doctor Emmett L. Brown threw out because McFly wanted to use it in conjunction with the DeLorean time machine to make a bundle in sports gambling. Amazingly, Tannen then stole the DeLorean and used it to give the book to himself at some point in the past! Tannen used the almanac’s info – which contained final scores for games yet to be played – and became fabulously rich. Tannen now controls all of Hill Valley along with the desperate Symantec and their CNET lackeys.

Note: Apple on Tuesday released an update that closes the security hole that this unreleased proof-of-concept Trojan would exploit if it had ever been released in the wild before Mac OS X 10.4.7. Mac OS X users can update to Mac OS X 10.4.7 via Mac OS X’s Software Update or via standalone installers for which download links can be found here. As usual, we recommend that users keep their operating systems up to date.

Advertisements:
Introducing the super-fast, blogging, podcasting, do-everything-out-of-the-box MacBook.  Starting at just $1099.
Get the new iMac with Intel Core Duo for as low as $31 A MONTH with Free shipping!
Get the MacBook Pro with Intel Core Duo for as low as $47 A MONTH with Free Shipping!
Apple’s new Mac mini. Intel Core, up to 4 times faster. Starting at just $599. Free shipping.
iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
Connect iPod to your television set with the iPod AV Cable. Just $19.
iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.

Related articles:
Apple: ‘Get a Mac. Say ‘Buh-Bye’ to viruses’ – June 01, 2006
Apple releases Mac OS X 10.4.7 Update – June 27, 2006
Apple Macs and viruses: Fact vs. FUD – May 26, 2006
Symantec Antivirus software flaw allows hackers to seize control of PCs without user interaction – May 25, 2006
‘Mac security’ garbage reports continue to proliferate – May 10, 2006
ZDNet: Reduce OS X security threats – ignore security software – May 05, 2006
McAfee announces virus protection for Intel-based Apple Macs – May 05, 2006
BusinessWeek: New Apple Mac ads stir up Mac security overreaction – May 04, 2006
Unix expert: Mac OS X much more secure than Windows; recent Mac OS X security stories are media hype – May 03, 2006
Macs and viruses: the true story – May 02, 2006
Anti-Mac FUD machine shifts into overdrive – May 01, 2006
FUD Alert: Viruses don’t catch up to the Mac – May 01, 2006
BusinessWeek: Apple should hire security czar to combat uninformed media FUD – March 09, 2006
Spate of recent Mac security stories signal that Microsoft, others getting nervous – March 06, 2006
Mafiasoft: Microsoft to charge $50 per year for security service to protect Windows – February 07, 2006
Why pay Symantec for flawed ‘security’ app designed to protect Apple Macs from nonexistent threats? – December 27, 2005
‘Highly critical’ flaw in discovered in Symantec AntiVirus for Mac OS X – December 21, 2005
Why Symantec’s ‘scare tactics’ don’t worry Mac users – September 28, 2005
Motley Fool writer: ‘I’d be surprised if Symantec ever sells a single product to a Mac user again’ – March 24, 2005
Symantec cries wolf with misplaced Mac OS X ‘security’ warning – March 23, 2005
Symantec’s Mac OS X claims dismissed as nonsense, FUD – March 22, 2005
Hackers already targeting viruses for Microsoft’s Windows Vista – August 04, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005

73 Comments

  1. YESS!!!!!!!!

    That is what I’m talking about MDN. That Biff… what is the matter with him? He’s not very bright:

    “Why don’t you make like a tree and get out of here”

    “That’s about as funny as a screen door on a battleship”

  2. spreads by Bluetooth?…So I am suppose to fear someone coming within Bluetooth range with an infected Mac?

    COME ON!!!

    Where are the network viruses and email viruses…even a good Word Macro virus would be more threatening!

  3. Doc: The Symantec!! RUN FOR IT MARTY!!

    MARTY: Let’s see if these bastards can do 90….

    90% market share is where apple will be in 2015. Will you get your car a hover conversion?

  4. Great closing analogy, MDN!

    “His actions are in part to demonstrate that Apple software is not unbreakable, he has said.”

    Somebody should tell this to use his skills for the betterment of mankind, rather than trying to prove points that don’t need proving.

    He must really want to get into the spotlight shining on Apple right now. Sometimes you have to give up the things you want the most to do what’s right.

  5. o…k…. so something that could have happened but never did can no longer happen. im sooo glad i know this so i dont have to worry about it – or i could have never known about it and not wrried about it lol

  6. “90% market share is where apple will be in 2015”

    would that be possible with apple doing the hardware and software? im sure legal issues would start to arise after 40-50% like licensing etc

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.