» Topic:  Zero-Day Exploit Turns Up Heat On Mac OS X

» Added by:  Gregg Keizer

» Date:  24.2.2006

  A hacker site posted code that can be used to take advantage of a flaw in Mac OS X, which increases the risk that the bug will be used by attackers.

An exploit for the recenty-disclosed zero-day vulnerability in Apple Computer's Mac OS X has gone public, security vendors said Thursday, increasing the risk that the bug will be used by attackers.

Code has been posted to the Metasploit Project site, which rolls out exploit modules for its Framework tool on a regular basis. The code targets the so-called "Safe file" flaw in Apple's Safari browser.

The exploit, which was crafted by someone identified as "HD Moore," who has been credited with other exploits posted for Metasploit's Framework, uses a malicious ZIP file containing a shell script.

"[This] targets a vulnerability in the Safari Web browser 'Safe file' feature, which will automatically open any file with one of the allowed extensions," said Symantec in a warning to customers of its DeepSight Threat Management System. "A malicious user may provide a crafted archive file which contains shellcode to be executed on the browser's system."

Symantec repeated advice from earlier this week that Mac administrators should disable the "Open Safe Files" feature in Safari.

On Tuesday, when the vulnerability first surfaced, an Apple spokesman acknowledged the flaw, and said the Cupertino, Calif.-based developer was working on a patch. He could not provide a timeline for a fix, however.

As of Thursday morning, Apple had not patched the Mac OS X vulnerability.

Source : www.informationweek.com