“Symantec Corp. this week warned Mac OS X users that the addition of an exploit to the Metasploit hacking framework had boosted the threat posed by an unpatched bug in Samba, the open-source file- and print-sharing software included with the Apple operating system,” Gregg Keizer reports for Computerworld.
“Although the vulnerability was disclosed May 14 and patched that same day by the Samba community, Apple has not updated Mac OS X with a fix, said Symantec’s Alfred Huger, vice president of engineering with the security company’s response group,” Keizer reports.
“Samba, which is also used by most Linux distributions for file- and print-sharing with Windows systems, is turned on in Mac OS X when users activate the Windows Sharing feature,” Keizer reports.
“Symantec recommended that users disable the Windows Sharing service until Apple produces a patch. Technically astute users, however, may be able to handle the more rigorous chore of compiling the latest version of Samba manually in lieu of waiting for Apple,” Keizer reports.
MacDailyNews Note: By default, every service listed in Mac OS X Tiger’s Sharing preferences is disabled. Apple’s recommendation as explained in “Mac OS X Security Configuration For Version 10.4 or Later, Second Edition, February 15, 2007”: You should not enable any of these services unless you are required to use them. “Windows Sharing” allows users to access shared files and printers using the SMB/CIFS protocol. You should disable this service. There are several well-known risks associated with SMB/CIFS.
number one
Unfortunately, one of those services that is OFF by default is the firewall.
MW: Why? (Indeed)
so that’s why my mac doesn’t feel that snappy!
There are several well-known risks associated with SMB/CIFS.
Just the same, there are those who have to work in a mixed environment and need this.
The Open Source community fixed this some time ago. Apple has dropped the ball by not getting that widely available fix rolled up into one of their updates.
You will know when you get the Samba bug because of music and the constant urge to dance silly to it.
This can be avoided by refusing that last “one more” Tequila five times…….
ME:light, as in “OW!”
A question: If you wear a Trojan on your worm will that keep you from getting a “Windows Sharing” bug?
MW:children, as in “them two sure made and ugly one….”
I’m sorry, that was supposed to be “another”, not “and”.
The firewall is ALWAYS on in OSX. The difference is, that the firewall has no filter rules. Type sudo ipfw list to prove it to yourself.
I have no comment to make about the Samba bug but I do want to take this opportunity to congratulate Ian for being the first one to post on this topic.
WAY TO GO IAN !!!
I want to know why Apple don’t update things like CUPS (latest version is 1.1.12, beta of 1.3 is out but OS X by default still uses 1.1.1 or something) and also Samba.
Can’t they keep them updated like everything else? I updated my CUPS to the latest version and my printing is so much faster and better.
Wow, this slowness by Apple to fix the open source underpinnings of Mac OS X is a real security issue.
When a vulnerability is found in the open source community, it is public knowledge.
It’s no problem when it’s patched in a reasonable time, but Apple’s slowness makes it a real issue for us.
I think I’ll go back to Windows, then I know it’s insecure and have nothing to worry about.
The troll is out this morning, and with the ability to type under different names. Very impressive!
MW: far, as in far out basement boy!
“The troll is out this morning, and with the ability to type under different names. Very impressive!”
Yeah, everyone who is concerned about security is a “Troll”…
Let’s all just do like the Mac fanboys and not worry about security because OSX has no vulnerabilities.. I’ll only believe it when Steve says there is a problem. Wooo Hooo Steve!!!
If there was a real issue Steve would have let us know by now. Don’t believe what you read on the internet or the open source community, they are all M$ spies out to get us. Go Apple, and God Bless the Macintosh!
Windows: Everyone knows about all the security issues because they get hit by malware every week.
Mac: Everyone knows about all the security issues despite the fact that no-one suffers from them.
The difference between the two worlds cannot be made more concise.
Windows Sharing!
I don’t want to have anything to do with Windows on my Mac.
Good thing that’s turned off at the factory before it ships.