Symantec warns of new proof-of-concept ‘trojan horse’ for Mac OS X 10.4.6

“Anti-virus maker Symantec Corp. is warning that it has detected a new piece of malware that tries to exploit a flaw in Mac OS X systems that Apple Computer Inc. released a software security update to fix just three days ago,” Brian Krebs reports for The Washington Post.

“‘OSX.Exploit.Launchd,’ is a ‘Trojan horse’ program that exploits a security hole in OS X’s ‘launchD’ service, which controls which programs should boot up whenever a user restarts a Mac. According to Symantec, this exploit provides the attacker root access — or total control — over any Mac system running OS X version 10.4.6 or earlier,” Krebs reports.

Full article here.

In an article breathlessly and hyperbolically headlined “Attack code out for Apple flaw,” Joris Evers reports for CNET News, “Attack code that exploits a flaw in Apple Computer’s Mac OS X was publicly released Wednesday, increasing the urgency to patch… On Tuesday, Apple delivered Mac OS X 10.4.7. The operating system update repairs a total of five flaws. Four of them affect both the client version of Mac OS X. The other, in the ClamAV antivirus software, has an impact on the server release.”

MacDailyNews Take: “Four of them affect both the client version of Mac OS X?” They can’t even write coherent sentences to support the FUD.

Evers presses on, “The exploit was created by Kevin Finisterre, a security researcher at Digital Munition. Earlier this year, Finisterre created the Inqtana worm, which targets Mac OS X and spreads using an 8-month-old vulnerability in Apple’s Bluetooth software (see Patched in mid-2005 by Apple, Symantec warns ‘Inqtana-A’ worm could be ‘beginning of a trend’ – February 20, 2006). His actions are in part to demonstrate that Apple software is not unbreakable, he has said.”

MacDailyNews Take: Ah, the wonderment! Behold the massive and unparalleled coding skill required to create proof-of-concept Mac OS X malware anytime after Apple discloses the flaw and fixes it.

Full article, along with Evers and CNET being appropriately schooled by the majority of their readers in the feedback section, here.

MacDailyNews Take: In related news, Biff Tannen found Marty McFly’s sports almanac that Doctor Emmett L. Brown threw out because McFly wanted to use it in conjunction with the DeLorean time machine to make a bundle in sports gambling. Amazingly, Tannen then stole the DeLorean and used it to give the book to himself at some point in the past! Tannen used the almanac’s info – which contained final scores for games yet to be played – and became fabulously rich. Tannen now controls all of Hill Valley along with the desperate Symantec and their CNET lackeys.

Note: Apple on Tuesday released an update that closes the security hole that this unreleased proof-of-concept Trojan would exploit if it had ever been released in the wild before Mac OS X 10.4.7. Mac OS X users can update to Mac OS X 10.4.7 via Mac OS X’s Software Update or via standalone installers for which download links can be found here. As usual, we recommend that users keep their operating systems up to date.


73 Comments

  1. YESS!!!!!!!!

    That is what I’m talking about MDN. That Biff… what is the matter with him? He’s not very bright:

    “Why don’t you make like a tree and get out of here”

    “That’s about as funny as a screen door on a battleship”

  2. Spreads by Bluetooth?…So I am supposed to fear someone coming within Bluetooth range with an infected Mac?

    COME ON!!!

    Where are the network viruses and email viruses…even a good Word Macro virus would be more threatening!

  3. Doc: The Symantec!! RUN FOR IT MARTY!!

    MARTY: Let’s see if these bastards can do 90….

    90% market share is where apple will be in 2015. Will you get your car a hover conversion?

  4. Great closing analogy, MDN!

    “His actions are in part to demonstrate that Apple software is not unbreakable, he has said.”

    Somebody should tell this to use his skills for the betterment of mankind, rather than trying to prove points that don’t need proving.

    He must really want to get into the spotlight shining on Apple right now. Sometimes you have to give up the things you want the most to do what’s right.

  5. o…k…. so something that could have happened but never did can no longer happen. I’m sooo glad I know this so I don’t have to worry about it – or I could have never known about it and not worried about it lol

  6. “90% market share is where apple will be in 2015”

    Would that be possible with Apple doing the hardware and software? I’m sure legal issues would start to arise after 40-50% like licensing etc

  7. Andy,

    I am not sure, but I don’t think that that is true. A company is allowed to make multiple products that they sell work only with other products that they sell, such as Sony cameras and Sony memory sticks, without doing anything illegal. I can’t imagine that just because a product is a hit it would all of a sudden become against the law.

  8. Also, Apple computers run plenty of operating systems (now including Windows) as well as Macintosh, so I can’t imagine that if Apple computers take off any laws would be broken.

  9. Kool Aid:

    Billy G. and his Jonestown tea party went –> thataway…

    On today’s menu we have a delicious Distant Vista tea… on ice!

    Would you like some lovely Office 2007 croissants to go with… oh, sorry. They aren’t ready yet.

  10. I’m using both OS X and WinXP, and I don’t use any antivirus on either one…

    IT IS NOT HARD TO AVOID GETTING A VIRUS!!!

    – just don’t click “download” when you’re on a pornsite –

    (yes, it is that easy)

  11. 1. ALL platforms are vulnerable to trojans.

    2. As MDN pointed out, coding a proof-of-concept trojan the day after the flaw is fixed doesn’t count.

    The moral of the story? Turn off all unnecessary services & access points, never download anything from an untrusted source (DUH!!), and keep your security updates current, even with OS X.

    All of which are common sense. No news here.

  12. Sorry Symantec but I’m already at 10.4.7 and your story of FUD is too late even if it was true. I also read that it can only be done to a local machine. In other words someone with physical access, so the chance of this happening is sooooo, loooowwwww it’s like, whatever.

  13. Here’s how the exploit works

    >www.digitalmunition.com/DMA[2006-0628a].txt<

    So nice of him to release this exploit when most Macs are not updated yet.

    $5 says Symantec created the trojan based on this info to pump up their sales, what’s REALLY FSCKING BAD is Apple Stores sells Symantec’s crap software right next to brand new Macs.

    What’s the use touting Mac OS X security against viruses when they sell anti-malware software right next to new Macs?

    THIS LAUNCHD was written BY APPLE to take over certain aspects of UNIX’s ROCK SOLID SECURITY and IT’S A MISTAKE BY APPLE IN THE LAUNCHD code that’s responsible.

    HELLO APPLE, YOU HAVE A COMPROMISED EMPLOYEE THAT’S ALLOWING THESE EXPLOITS

    It goes to show it’s by using UNIX is what makes Mac OS X secure, but Apple can’t seem to make WHAT THEY CODE SECURE!!

    MDW: “Entire” Like Apple needs to closely examine their ENTIRE codebase, right here, right now. SCREW LEOPARD.

  14. mlm, I have used XP and no, it’s not usable at all on the internet, the last time I reinstalled a copy for a friend it was infected 5 minutes after being back online with no protection
