“Hackers can attack Apple Inc.’s Mac OS X by exploiting an unpatched vulnerability in the open-source Samba file- and print-sharing software that’s included with the operating system, Symantec Inc. said Monday,” Computerworld reports.
“Samba, which is enabled when Mac users turn on the Windows Sharing feature that allows Microsoft Corp. customers to access files and printers on a Mac network, was pegged with multiple heap-based buffer overflow bugs earlier this month. Exploits have been released by penetration test suppliers Immunity Inc. and the Metasploit Project that target the vulnerabilities on several Linux distributions,” Computerworld reports.
“Although Mac OS X doesn’t turn on Samba by default, Macs that share a network with Windows PCs could be at risk, Symantec warned. Because Apple has not released a Samba update since 2005, users must upgrade to the latest, and secure version, themselves,” Computerworld reports. “‘Mac OS X users are advised to download and install the latest version of Samba 3.0.25 from the official website (more info and download links here),’ said Symantec. ‘If this is not possible, the Windows Sharing service should be disabled until Apple issues an official update via the Software Update service.'”
Full article with links here.
[Thanks to MacDailyNews Reader “qka” for the heads up.]
Here’s an idea…
Don’t share anything with a Windows computer.
Here’s a better idea, ban Windows.
Here’s the best idea: Apple, release a patch.
Here’s a better idea:
Oops, lost it.
Apple and Microsoft should eliminate all overflow exploits at the OS level.
@ Shinobi
“…Apple and Microsoft should eliminate all overflow exploits at the OS level….”
Microsoft IS an overflow exploit !
This one is very real. We experienced an attack using this exploit over the weekend. The attacker was able to obtain my usernames from Open Directories. They weren’t able to crack the passwords however, and weren’t able to gain access to the system. We shut down Windows sharing on the server.
I don’t Samba, but I do Tango! ” width=”19″ height=”19″ alt=”tongue wink” style=”border:0;” />
10-4, copy that Houston – All Windows file sharing is shut down till further notice – Over.
Windows, what a blight.
Notice how this involves Windows and only then does it have anything to do with OS X. Misleading headline to say OS X is vulnerable to exploit. No Windows = a good thing!
So, I hate to be a weenie, but there is no precompiled SAMBA updates for OS X on the SAMBA news site, and since the latest version is 3.0.25a should I even be considering putting this on my computer?
Just wondering.
Ok … in light of this potential “exploit” … should This Woman buy a Mac ..
or remain on the dark side ?
It’s kind of interesting that since Apple came out with the latest Security update last week, I’ve been hearing from my fellow Mac users complaining about their Safari always crashing. It’s funny that we don’t read anything about that here. Oops, I guess we are now. ” width=”19″ height=”19″ alt=”grin” style=”border:0;” />
As far as Samba, yes, Apple. Make a patch for all of us Mac users that need to work with Windows. Thank you.
–Rudge
How do I become a “penetration tester”? Sounds right up my alley!
” width=”19″ height=”19″ alt=”tongue wink” style=”border:0;” />
“How do I become a “penetration tester”? Sounds right up my alley!”
Cubert that sounds a bit gay.
just an FYI ” width=”19″ height=”19″ alt=”smile” style=”border:0;” />
oh my – Don’t let this discussion dissuade you from purchasing a Mac. You will never be sorry you made the jump. This exploit primarily affects those of us who run Mac servers on the open internet. We deal with these issues constantly on our Windows systems, and every once in a while we have to install a patch on the Mac. No worries! Come on over.
Better yet, outlaw Mindblows as a safety hazard and corporate fraud.
Sounds more like Windows is the problem, not Mac OS X.
We are now at DEFCON ONE!
Oh, I forgot, we don’t actually do shit with Winblows.
Nevermind, return to happy, go lucky, Mac life.
” width=”19″ height=”19″ alt=”raspberry” style=”border:0;” />
These guys at Symantec just don’t give up trying to sell Mac people protection.
@ totalMac
I think you may have misunderstood my earlier post ..
I was asking IF .. the woman in the video (I linked to) should buy a Mac or not …
She is the one who seems undecided … not me !
You see …
I have been using Macs (exclusively) since my old 68k w/ OS 7.1 ” width=”19″ height=”19″ alt=”LOL” style=”border:0;” />
Youre preaching to the choir, here … but thanx, anyhoo for the testamonial !
oh my – Excuse me. I should have clicked the link.
No problem, totalMac ” width=”19″ height=”19″ alt=”tongue wink” style=”border:0;” />
“Sounds more like Windows is the problem, not Mac OS X.”
That’s right, because it allows you to break into Windows boxes not Mac OS X boxes.
Oh, wait a minute, that’s not it, It allows you to break into OS X boxes. I guess it is and OS X problem after all.
Leave it to M$ to screw up OSX. Those stinkin’ bastages…