Mac OS X exploit

Note added 6 March 2006 :: It looks as if security update 2006-001 addresses these two issues, at least as regards Safari and Mail. I picked this one up through software update some days ago.

Open safe files option unchecked

It's hassle-Apple week, with a ‘drive-by download’ exploit appearing and being reported on the front page of the BBC News web site. The icon you see on the desktop is determined by the file extension of a downloaded file, but the file itself can do something quite different – such as run as a bash script. As mentioned on Michael Lehn’s rather nice Web site, the work-round is simply to switch off the ‘Open “safe” files after downloading’ option in Safari. Go to Safari Preferences, click the General tab and make sure the box shown above is un-ticked. Files will then download to the desktop without triggering the ‘run’ action (which may differ from what the icon suggests). You should examine the run action for any downloaded file before opening it – view its details with Get Info (Apple-I).
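As an added illustration of the "examine the file, not the icon" advice (not code from the original post or from Apple), the shell function below flags a download whose extension promises an image or document but whose contents begin with a script interpreter line or carry the execute bit; the names check_download and make_samples, and the sample files they build, are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the original post): flag a downloaded file whose
# extension promises a "safe" type but whose contents look like a script.
# This approximates the Get Info check the post recommends; the names
# check_download and make_samples are hypothetical.

# Prints a verdict. Returns 0 when the file is suspicious, 1 otherwise.
check_download() {
    f="$1"
    ext=$(printf '%s' "${f##*.}" | tr 'A-Z' 'a-z')
    case "$ext" in
        jpg|jpeg|png|gif|pdf|txt|mov|mp3) claimed=safe ;;
        *) claimed=other ;;
    esac
    # Scripts begin with the "#!" interpreter line, whatever the name says
    magic=$(head -c 2 "$f" 2>/dev/null)
    if [ "$claimed" = safe ] && [ "$magic" = '#!' ]; then
        echo "SUSPICIOUS: $f claims .$ext but starts with a shebang"
        return 0
    fi
    # A picture or document has no reason to carry the execute bit
    if [ "$claimed" = safe ] && [ -x "$f" ]; then
        echo "SUSPICIOUS: $f claims .$ext but is marked executable"
        return 0
    fi
    echo "ok: $f"
    return 1
}

# Constructed sample downloads in a temporary directory; prints its path.
make_samples() {
    d=$(mktemp -d)
    # a shell script wearing an image extension
    printf '#!/bin/bash\necho "not a picture"\n' > "$d/holiday.jpg"
    chmod +x "$d/holiday.jpg"
    # a genuine JPEG header (FF D8 FF E0)
    printf '\377\330\377\340' > "$d/real.jpg"
    # a plain shell script that is honest about what it is
    printf '#!/bin/sh\necho hi\n' > "$d/setup.sh"
    echo "$d"
}

samples=$(make_samples)
for f in "$samples"/*; do
    check_download "$f" || true
done
rm -rf "$samples"
```

The check only looks at the first two bytes and the permission bits, so it complements rather than replaces inspecting the "Open with" application in Get Info.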

Suggestion that Thunderbird avoids exposure to mail-borne drive-by downloads for now

Another report, on the Internet Storm Center site, suggests that the same exploit can be triggered by downloaded file attachments in Mail, and they suggest using Thunderbird for now. I’m assuming Apple will be releasing patches for these exploits and will not go into denial about security issues.

