“The federal US computer security watchdog has issued a warning about a bug in Apple’s OS X operating system,” BBC News reports. “The US Computer Emergency Readiness Team (US Cert) issued the alert after security researchers produced code that could exploit the DMG bug. The flaw involves the way OS X handles disk images and could be used to crash or take over a vulnerable machine.”
The Beeb reports, “So far the DMG bug has only been shown to work under laboratory conditions and has not been seen in the wild…The bug has only been proved to work under laboratory conditions. No cases of it being exploited in the wild are known and no users are thought to be at risk. The availability of the exploit code might tempt some malicious hackers to craft webpages that take advantage of it… Users of Apple Mac computers are far less likely to suffer security problems because the vast majority of viruses are written to exploit Microsoft’s Windows operating system. There are also differences in the way that OS X works which help to prevent malicious code taking hold.”
The Beeb reports, “Apple has yet to provide a fix for the DMG bug though a workaround is known which should stop computers falling victim.”
Full article here.
[Thanks to MacDailyNews Reader “Jamie” for the heads up.]
Since the BBC, in their finite wisdom, neglect to explain the extremely simple “workaround” solution, we fill in their blank here: In Safari’s Preferences, uncheck the “Open ‘Safe’ files after downloading” box.
Mac OS X/Safari DMG vulnerability reported: Turn off automatic opening of ‘safe’ files to prevent – November 21, 2006