Symantec warns of new proof-of-concept ‘trojan horse’ for Mac OS X 10.4.6

“Anti-virus maker Symantec Corp. is warning that it has detected a new piece of malware that tries to exploit a flaw in Mac OS X systems that Apple Computer Inc. released a software security update to fix just three days ago,” Brian Krebs reports for The Washington Post.

“‘OSX.Exploit.Launchd,’ is a ‘Trojan horse’ program that exploits a security hole in OS X’s ‘launchD’ service, which controls which programs should boot up whenever a user restarts a Mac. According to Symantec, this exploit provides the attacker root access — or total control — over any Mac system running OS X version 10.4.6 or earlier,” Krebs reports.

Full article here.

In an article breathlessly and hyperbolically headlined “Attack code out for Apple flaw,” Joris Evers reports for CNET News, “Attack code that exploits a flaw in Apple Computer’s Mac OS X was publicly released Wednesday, increasing the urgency to patch… On Tuesday, Apple delivered Mac OS X 10.4.7. The operating system update repairs a total of five flaws. Four of them affect both the client version of Mac OS X. The other, in the ClamAV antivirus software, has an impact on the server release.”

MacDailyNews Take: “Four of them affect both the client version of Mac OS X?” They can’t even write coherent sentences to support the FUD.

Evers presses on, “The exploit was created by Kevin Finisterre, a security researcher at Digital Munition. Earlier this year, Finisterre created the Inqtana worm, which targets Mac OS X and spreads using an 8-month-old vulnerability in Apple’s Bluetooth software (see Patched in mid-2005 by Apple, Symantec warns ‘Inqtana-A’ worm could be ‘beginning of a trend’ – February 20, 2006). His actions are in part to demonstrate that Apple software is not unbreakable, he has said.”

MacDailyNews Take: Ah, the wonderment! Behold the massive and unparalleled coding skill required to create proof-of-concept Mac OS X malware anytime after Apple discloses the flaw and fixes it.

Full article, along with Evers and CNET being appropriately schooled by the majority of their readers in the feedback section, here.

MacDailyNews Take: In related news, Biff Tannen found Marty McFly’s sports almanac that Doctor Emmett L. Brown threw out because McFly wanted to use it in conjunction with the DeLorean time machine to make a bundle in sports gambling. Amazingly, Tannen then stole the DeLorean and used it to give the book to himself at some point in the past! Tannen used the almanac’s info – which contained final scores for games yet to be played – and became fabulously rich. Tannen now controls all of Hill Valley along with the desperate Symantec and their CNET lackeys.

Note: Apple on Tuesday released an update that closes the security hole that this unreleased proof-of-concept Trojan would exploit if it had ever been released in the wild before Mac OS X 10.4.7. Mac OS X users can update to Mac OS X 10.4.7 via Mac OS X’s Software Update or via standalone installers for which download links can be found here. As usual, we recommend that users keep their operating systems up to date.

73 Comments

  1. what’s REALLY FSCKING BAD is Apple Stores sell Symantec’s crap software right next to brand new Macs.

    What’s also bad is Apple doesn’t have most of these updates available at the Apple Stores; you HAVE to download them.

    Not all of us have broadband (it’s not even available in my neighborhood). When even a small update is 20 megs, it sucks.

    I’d gladly pay Apple $5 to $10 to get updates on disk. Anybody listening?

  3. Hmm… advice from Symantec, the company that produces some products that could lead to a third person taking control of your system. Of course this is already patched… but after the “discovery” (wonder how much time they spent on that, cannot recall the whole story)

    Bravo!!!

  4. Why doesn’t Apple sue the little prick for writing “virus” or malware? Maybe just take a complaint to the local gendarmes or the Feds. Joris Evers needs to meet his maker (Symantec).

  5. Guys don’t be so harsh. The corporate PC virus development department spent months of overtime making these viruses so we would need to actually buy AV software. So give them a “golf clap”.

    I said it months ago… These companies make the viruses that affect PCs to keep the AV software sales up. With this article they finally showed their hand. The question is… was the intention of the announcement to scare the common OS X user or to let Apple know that they are working hard to make OS X as vulnerable as Windoze.

    Just my $0.02

  6. dial up

    Just contact Apple or OtherWorld Computing.

    I’m sure either one will provide some sort of disk by mail solution.

    Heck you can even download the files with a PC at a local internet cafe, burn it to dvd and stick it in your Mac.

  7. I couldn’t care less. I’ve been using Macs since 1995 and never, ever got a virus or trojan from System 7.5 up to OS X 10.4.7.
    With such a track record do you really think I’m going to worry now?!?

  8. It’s FUD Season again!

    This happens every time Apple is getting close to a major event…

    What is happening is that Apple is going to be making some major OS revelations and announcements in 5 weeks at the WWDC… and those fearful of Apple are ramping up the FUD…

  9. If you have an Apple Store near you, if the folks at the Genius Bar aren’t swamped with switchers looking for the Start button they’ll often burn a disk with the updates for you…or if you’re on a laptop just bring it in and plug it in to their Ethernet connection to download the updates (they did that for me with my old clamshell iBook when I needed to update the firmware before installing OS X but I didn’t have an Internet connection at the time — long story there…).

  10. Dennis: Sounds like you want to be able to do the stuff that only Vista will allow you to do. A pity that Vista is only a Beta2 pipe-dream so far.

    Thank goodness for OSX where we can do all and so much more than what Vista can and have been doing on the most part since 2001.

    I have heard that 98% of Windows users would prefer to use a Macintosh instead, but are prevented from doing so by some IT oompa loompa that would rather keep you in their pocket, another $50 per hour thing and lie almost like doctors do, I’m the professional I can say what I like and this numbskull won’t know the difference!

    Honestly I see this all the time whenever I drop by a friend’s PC Hardware Store, Windows users seem only too happy to hand over hard earned cash just for a quick 5 minute fix and then only end up coming back for another round a few days later.

    I only go into such places to buy hard drives, ink cartridges etc.

    Windows for me is just for gaming, the forerunner and companion to the Xbox & 360.

    Get a Brain, Get Wise, Get an iLife and Get a Mac!

  11. On the issue that not everyone has 10.4.7, older hardware and such, my G3 350 Yosemite installed and runs 10.4.7 happily.

    Although I am now in the process of removing the G3, my very first Mac, so there is the issue of sentiment there, but I am seeking other ways to still use the G3.

    As for the above Symantec thing, yes it is all about market forces, trying to sell their product and make money out of folks who should know better, that being the majority of Mac Users by default, why else use a Mac to get on and make great things, earn more on average than a PC guy?

    My college has a wireless network, which requires certificate registration and installation on students’ own laptop hardware, there is the policy about having anti-virus software, so I have been using ClamXav and made the odd donation now and again, though this is optional and won’t prevent you from using ClamXav as normal.

    How many companies, like Symantec & McAfee, will allow you to still use their software (legally) without paying for it?

  12. Can I Sue Symantec For Selling Me Software That Hasn’t Worked? I Have Had Their Anti Virus Software On My Mac On And Off Over The Period Of 7 Years And Yet Still Hasn’t Found And Removed A Single Virus From My Mac.

  13. one of the comments there is worth reporting in full here:

    Setting the record straight – again.
    Reader post by: Terry Murphy
    Posted on: June 29, 2006, 2:38 PM PDT
    Story: Attack code out for Apple flaw
    Kevin Finisterre, founder of security startup Digital Munition
    referenced in this article was interviewed by Security Focus on
    2/27/06 (See http://www.securityfocus.com/columnists/389)

    Since this Cnet article appears to needlessly try and resuscitate
    the Bluetooth InqTana worm scare, the following excerpt from
    Finisterre’s interview is worth noting:

    Q. In your paper, it sounds like both 10.4 and 10.3 were
    vulnerable, but aren’t any longer. Is that right?

    A. The Bluetooth bug that InqTana exploits has been patched for
    some time now.

    In the same interview, Finisterre remarks about the less than
    vigorous tendencies journalists have pertaining to accurately
    reporting of software security issues:

    Q. Did any antivirus company acknowledge that this was a lab
    creation that would have a hard time spreading? Do you think
    the vendors treated this well or as a marketing ploy?

    A. Although blatantly mentioned in most of the antivirus threat
    notices, you will find that folks are still implying that the code
    will actually spread. I think this is a bit misleading. The fact of
    the matter is that InqTana is not spreading and physically cannot
    (spread) without a third party making their own variant.
    Headlines like New Mac Worm Spreads Via Bluetooth and Second
    Apple worm targeting Macs found are slightly skewed. First, the
    code is not spreading in any sense of the word nor was it
    “found” anywhere. Since most articles are copied and pasted from
    the same source, you will find that a number of sources correctly
    identify this as “proof of concept.” Quite a few folks actually
    mention the fact that it is both time limited and crippled to a
    specific set of Bluetooth addresses.

    Unfortunately, not here. The present Cnet article continues the
    “accuracy be damned” approach and relies on sensationalistic
    claims while downplaying the actual (proof of concept) nature of
    the issue. And in the present case, an issue for which nothing
    exists in the wild and an issue for which a patch (10.4.7) has
    already been released.

    Once again. Windows users can only dream that they have it this
    good.

  14. This just proves that OSX is going to be the most hacked operating system in history. With more holes than Swiss cheese, expect to see exploits blow up every macintosh that ever existed. This is even funnier when you take into account that no one on a Macintosh runs an anti-virus program (crucial for any computer on the net) and most are so stupid and misinformed that they wouldn’t know a virus or malware if it bit them on the ass.

    When ultra-secure Vista comes out at the end of the year it will mark the final end to both the Macintosh and Apple. With viruses and malware crashing every Mac and Apple unable to stop the wave they will have to stop producing computers and eventually go out of business. We already see this with the ever falling stock price as investors realize how much trouble Apple is in.

    Time to buy a real computer from HP or Lenovo.

  15. Static,

    Just contact Apple or OtherWorld Computing.

    I’m sure either one will provide some sort of disk by mail solution.

    I’ll have to check OWC. Apple won’t.

    As for Internet cafes… I’d rather run without the updates.

  17. With more holes than Swiss cheese, expect to see exploits blow up every macintosh that ever existed. — Mac Realist my Ass

    Plain silly, stupid and uninformed. A computer must be visible before any malware could even try to compromise it. (*visible* meaning responding to unsolicited port probes and packet traffic). After being visible, that is after having acknowledged its presence on the net it must have a port that is open to incoming traffic without filtering and/or monitoring it. Mac OS X has all ports closed by default. Then the malware must be able to exploit flaws without intervention by the user.

    While all above happens regularly on Windows, it does not happen easily on Unix in general nor on OS X where it is even more difficult.

    Moreover, the majority of Mac users know pretty well Windows in their work places hence they know exactly all that concerns virus, bots, spyware and the like. Feeling safe on the Mac is not by ignorance, but out of knowing exactly what happens on Windows and knowing exactly that it cannot happen the same way on OS X.

    There is not going to be any wave on OS X for the same reasons there are no waves of any kind of Linux and Unix in general. FreeBSD Unix, which NextOS has its roots in and OS X which essentially is the next NextOS enjoy from the very same reasons FreeBSD Unix has stellar record on security.

    It is time to buy a computer that can run EVERYTHING rather than limiting on something that is mediocre, already flawed by over 100,000 malware threats. Only an idiot and uninformed zombie could nowadays suggest to buy a computer that can only run Windows and Linux vs a computer that can run Windows, Linux, and OS X.

    Mac Realist, thanks for showing us all that idiocy is still alive and kicking.

  18. When ultra-secure Vista comes out at the end of the year

    LOL, what a troll.

    You do not even know that Microshaft already announced further delays and cuts on Vista. It is not expected before Q2 of 2007.

    AHHHUHHUAHHAHAHOHOHHOAHAHAO

    end of year….

    oahahhahahhuhhuohhhoho

    ultra-secure…

    ahdahdhahhahahhahehohohohoh

    There are already Vista viruses around and kits to build worms for Vista AND IT IS NOT EVEN OUT YET!!!!!!!!!!!!!!!!!!!!!

    AHAHHAHEOHHUHUHEOAHHAOHAHHAHAHU

    Must sux big time to be so frigging stupid on Windows world. No surprise Gates has so many $s, there are so many Windows COWS to milk around.

    AHAHHOAHEHHHAHAHOAHAOHEHAHOEHAHEHAOH

    Mac Realist, you are a joke.

  19. this Mac TROLL Realist my ASS?

    the proof of concept (which part of it you do not understand microcephalus?)
    comes after a patch for it has been released.

    Whenever Microsucks released a patch BEFORE flaws were exploited, corporations lost billions, and trolls like you were screwed from the back with sand as lubricant and moaning like old sluts?

    it is a proof of concept released after it has been patched and patching OS X is not a risky business as for Windows so much so that corporations go months after months of test every one of it because every patch M$ releases breaks their infrastructure.

    Enjoy your sand lubricated ass fucking Windows zombie troll. You deserve it.

    Don’t forget to close the door when you are outta here, lowlife lobster.

    Don’t worry, I’ll explain to you:

    Lobster: “a tail full of meat and a head full of shit”
