Symantec warns of Mac OS X ‘Windows Sharing’ Samba bug

“Symantec Corp. this week warned Mac OS X users that the addition of an exploit to the Metasploit hacking framework had boosted the threat posed by an unpatched bug in Samba, the open-source file- and print-sharing software included with the Apple operating system,” Gregg Keizer reports for Computerworld.

“Although the vulnerability was disclosed May 14 and patched that same day by the Samba community, Apple has not updated Mac OS X with a fix, said Symantec’s Alfred Huger, vice president of engineering with the security company’s response group,” Keizer reports.

“Samba, which is also used by most Linux distributions for file- and print-sharing with Windows systems, is turned on in Mac OS X when users activate the Windows Sharing feature,” Keizer reports.

“Symantec recommended that users disable the Windows Sharing service until Apple produces a patch. Technically astute users, however, may be able to handle the more rigorous chore of compiling the latest version of Samba manually in lieu of waiting for Apple,” Keizer reports.

Full article here.

MacDailyNews Note: By default, every service listed in Mac OS X Tiger’s Sharing preferences is disabled. Apple’s recommendation as explained in “Mac OS X Security Configuration For Version 10.4 or Later, Second Edition,” February 15, 2007: You should not enable any of these services unless you are required to use them. “Windows Sharing” allows users to access shared files and printers using the SMB/CIFS protocol. You should disable this service. There are several well-known risks associated with SMB/CIFS.

16 Comments

  1. There are several well-known risks associated with SMB/CIFS.

    Just the same, there are those who have to work in a mixed environment and need this.

    The Open Source community fixed this some time ago. Apple has dropped the ball by not getting that widely available fix rolled up into one of their updates.

  2. You will know when you get the Samba bug because of music and the constant urge to dance silly to it.

    This can be avoided by refusing that last “one more” Tequila five times…….

    ME:light, as in “OW!”

  3. I want to know why Apple don’t update things like CUPS (latest version is 1.1.12, beta of 1.3 is out but OS X by default still uses 1.1.1 or something) and also Samba.

    Can’t they keep them updated like everything else? I updated my CUPS to the latest version and my printing is so much faster and better.

  4. Wow, this slowness by Apple to fix the open source underpinnings of Mac OS X is a real security issue.

    When a vulnerability is found in the open source community, it is public knowledge.

    It’s no problem when it’s patched in a reasonable time, but Apple’s slowness makes it a real issue for us.

    I think I’ll go back to Windows, then I know it’s insecure and have nothing to worry about.

  5. “The troll is out this morning, and with the ability to type under different names. Very impressive!”

    Yeah, everyone who is concerned about security is a “Troll”…

    Let’s all just do like the Mac fanboys and not worry about security because OSX has no vulnerabilities.. I’ll only believe it when Steve says there is a problem. Wooo Hooo Steve!!!

  6. Windows: Everyone knows about all the security issues because they get hit by malware every week.

    Mac: Everyone knows about all the security issues despite the fact that no-one suffers from them.

    The difference between the two worlds cannot be made more concise.
