Mac OS X exploit code appears, takes advantage of vulnerabilities fixed by Apple last Friday

“An exploit for one of the 15 vulnerabilities patched by Apple on Friday has been posted to a malware Web site, Symantec said Monday,” Gregg Keizer reports for TechWeb.

“The code, which has appeared on the ‘milw0rm’ site, exploits a bug that Apple Computer identified within the operating system’s kernel,” Keizer reports.

“‘The exploit payload executes /usr/bin/id, and as such would need to be replaced with a more useful payload to be used effectively,’ noted Symantec in an alert to customers of its DeepSight threat system,” Keizer reports.

Keizer reports, “Apple patched the flaw in the Mac OS X 10.4.8 upgrade it rolled out on its download site and made available via automatic update on Friday.”


MacDailyNews Take: This is not the first time malware for already-patched systems (for Mac, Mac OS X, Windows, Linux, etc.) has appeared – and it certainly won’t be the last. In related news, a Mr. J. Sixpack of East Bumfsck, Ohio, solved last week’s NY Times crossword puzzle just days after The NY Times published the answers. Congrats!

Note to Mac OS X users: run Software Update or click the related article below for links to update your systems. Note to all personal computer users: keep your system up-to-date and do not download, install and run software from untrusted sources.

Related article:
Apple releases Mac OS X Tiger 10.4.8 – September 29, 2006

35 Comments

  1. “That’s nothing, I picked the winner of last year’s SuperBowl within mere minutes of its conclusion.”
    Mozfan, you’re good, I saw the game twice and my guys lost both times…..
    mw: slowly, as it’s slowly starting to sink (in)

  2. That’s what I love about Software Update; it takes care of everything right away, and doesn’t make a move without your knowing what’s going on.

    Speaking of which, can someone tell me why my Software Update isn’t coming up when it finds new software (as in automatically)? I have it set for daily in the prefs, and my sister’s G3 has the same setup, and hers comes up right away.

    It’s not a big deal but it’s been on my mind for awhile.

  3. OzzysCross101,

    Toss out Software Update’s prefs file: “com.apple.SoftwareUpdate.plist”
    (in User/Library/Preferences). Run Software Update and set your desired preferences. It should work then – sounds like you may have a corrupted prefs file.

    Mac OS X isn’t perfect, but it sure is closer to perfection than any other OS available.

  4. Thanks Fred. I tried that before, but I think that I deleted the prefs for Software Update from the system on my external at the time.

    If there’s an app that doesn’t work, first try deleting the prefs; usually that does the trick. That’s what I love (also) about OS X. And if something quits twice, it gives you the “Try Again” choice, thus deleting the old preferences and making new ones. It’s a smart system, and worlds more efficient than anything else out there.

    MW: My Software Update works!

  5. Hmmm… said “I wonder if the Combo Updater theory is the same kind of voodoo as repairing permissions.”

    Well, I use Software Update and have never had problems after an update.

    But I do run permissions repair before and after updates.

    Guess what? Several permissions were changed after the update to 10.4.8. So I think running it was justified.

  6. @”Hmmm…”

    sometimes if your system has a piece missing/damaged, the combo updater will fix the issue, whereas the delta updater will not. let’s say i haven’t had any issues using the combo updaters exclusively.

    i also repair permissions occasionally, but not religiously every time i update the OS. it has fixed some problems i’ve had on the Macs at work.

  7. When you have “daily” selected, it runs every 24 hours from the last time you ran it, whether it was automatically or manually. For example, if you manually did an update at 6pm, it won’t check it automatically until 6pm the next day. Your sister’s Mac could be checking the updates automatically at 7am.

    After making sure it automatically checks for updates daily, do a manual check at 1am, and you should no longer have that problem. Then go see if you have a life. There are no preferences or auto update for that, you have to do a “Get-a-Life” check manually. I can’t imagine anyone so concerned what time of day their Mac does its updates. A 24 hour wait has never been a critical issue with Apple updates.

  8. coolfactor,

    MDN – the exploit code posted on milw0rm allows for execution on 10.3 systems! Apple didn’t patch that last Friday, just 10.4.

    Did your teachers ever write “does not follow directions well” on your report cards?

    MDN wrote, “…Click the related article below for links to update your systems.”

    Doing so reveals links to patch Mac OS X 10.3 systems.

    Sheesh.

  9. Don’t know if anyone else experienced this but after the most recent Apple updates I ran “repair permissions” and Disk Utility. On my 2 Macs after the update I had some HD errors. They could have been there before?

    Disk Utility was able to fix the errors but it was curious that both computers had similar errors/ almost identical errors. I didn’t write them down.

    One computer is a PowerMac and one is an Intel Mac laptop.
