MacOs X Exploit Code

Security firms warned users of Apple's Mac OS X earlier this week about the existence of an exploit that could result in the execution of arbitrary code. The news has made upgrading to version 10.4.7 even more important, as the update fixes the issue. The vulnerability lies in an operating system file called "launchd."The proof-of-concept code was created by Digital Munition security researcher Kevin Finisterre. He has written other exploits in the past, including another for a Bluetooth flaw within Mac OS X. Finisterre says he does his work out of a desire to show those who believe the operating system is completely safe that there are flaws that need to be addressed.

well, there are no such thing as a COMPLETELY SAFE operating system ever existed, so really, there's not that much to prove.xboxrulz

Security firms warned users of Apple's Mac OS X earlier this week about the existence of an exploit that could result in the execution of arbitrary code. The news has made upgrading to version 10.4.7 even more important, as the update fixes the issue. The vulnerability lies in an operating system file called "launchd." The proof-of-concept code was created by Digital Munition security researcher Kevin Finisterre. He has written other exploits in the past, including another for a Bluetooth flaw within Mac OS X. Finisterre says he does his work out of a desire to show those who believe the operating system is completely safe that there are flaws that need to be addressed.

Was the above taken from here..

 

Cos I kinds think it was All of us can google

well, there are no such thing as a COMPLETELY SAFE operating system ever existed, so really, there's not that much to prove.

 

xboxrulz

 

It's also an exploit for a flaw which has already been fixed. Half the reason that OS X is safeer is that the turn-around time for patches is very fast. Linux distributions tend to be in the same boat. When I was administering a bunch of RedHat machines, the CERT warnings for a vulnerability usually had a link to the patch for RedHat Linux while MS or Sun would take weeks or months to make the same fix. The other thing is that I have had one issue with an OS X point upgrade since 10.1.x, whereas MS' patches often break apps and cause general havoc. This tends to be true of the RedHat Fedora Core updates as well, although I do not understand why: there is no systematic integration tetsing for point releases.

 

Anyway, the point is that nothing is completely safe, but little differences in process make a huge difference to security. I get tired of people jumping on every flaw as if it made OS X the same as Windows.

It's also an exploit for a flaw which has already been fixed. Half the reason that OS X is safeer is that the turn-around time for patches is very fast. Linux distributions tend to be in the same boat. When I was administering a bunch of RedHat machines, the CERT warnings for a vulnerability usually had a link to the patch for RedHat Linux while MS or Sun would take weeks or months to make the same fix. The other thing is that I have had one issue with an OS X point upgrade since 10.1.x, whereas MS' patches often break apps and cause general havoc. This tends to be true of the RedHat Fedora Core updates as well, although I do not understand why: there is no systematic integration tetsing for point releases.

 

Anyway, the point is that nothing is completely safe, but little differences in process make a huge difference to security. I get tired of people jumping on every flaw as if it made OS X the same as Windows.

 

Apparently, I only see Fedora Core and Windows XP breaking patches. I've also seen MacOS X patches breaking the system on "illegal hardware" (which is fully understandable and not used for any excuse).

 

So, i don't know. I use SuSE Linux 10.1 and none of the patches have broken my install or caused more exploits.

 

xboxrulz

rarely have I had issues. The latest system update seems to cause Safari 2 to crash a lot for no good reason. One more reason to finally switch to Opera (which I'm using now) That being said, I've never had any issues with Mac patches screwing up other systems. I think I once had to download a new scanner driver or something because of an update conflict, but that's been about it. Personally I enjoy administrating macs over other OS's. Mac OSX Server is a dream to work with and if you know Unix you can get under the Unix hood and do things the old fashion way.