Security Flaw Hits Apple’s Mac OS X 10.5 Mail. Again
By Max Brenn
12:59, November 22nd 2007
65 votes
Vote this story
Security Flaw Hits Apple’s Mac OS X 10.5 Mail. Again

An old security flaw that affects Apple Mail has reappeared in the latest version of Mac OS X.

Yesterday, Heise Security revealed that apparently Apple forgot to patch the security problem in Apple Mail that made it possible to inject disguised malignant code.

The flaw was discovered and patched in March 2006. By exploiting this flaw hackers could trick a user into launching an executable by double-clicking a mail attachment that looks like a JPEG image file.

Mac OS X 10.5, Leopard, provides a "quarantine" system that alerts users when they attempt to open applications that arrived via Mail, Safari or iChat, or that came in disk images via these programs. It also alerts users the first time they launch any other application they have installed or manually added to their Applications folder. This system should inform users of all cases when such executable files are being opened.

“On a current installation of the Tiger OS, Apple Mail issues a warning that the supposed image file is a program and is to be opened with Terminal. Apple apparently either did not incorporate this update into Leopard, or did not do it correctly.” Heise Security wrote in an advisory posted on its website.

They also offered a demo on how the vulnerability can be exploited.



© 2007 - 2008 - eFluxMedia
dotclear

Other News in

The New Net Neutrality Bill

The New Net Neutrality Bill

A new bill on neutrality and broadband policy was introduced yesterday by Representatives John Conyers and Zoe Lofgren. The Internet Freedom and Nondiscrimination Act of 2008, as it is called,...

Bill Gates Optimistic about Advertising, Vista

Bill Gates Optimistic about Advertising, Vista

Chairman Bill Gates talked about the Microsoft failed attempt to acquire Yahoo, and Windows Vista, among other things, during a press conference in Tokyo on Wednesday. The bottom line is that the...

TorrentSpy Must Pay Big For Piracy Accusations

TorrentSpy Must Pay Big For Piracy Accusations

A federal judge decided that TorrentSpy Company must pay the Motion Picture Association of America retributions of $110 million. The ruling came as a result of the accusations brought upon the...

MySpace Will Enable Users To Share Data With Other Sites

MySpace Will Enable Users To Share Data With Other Sites

The popular social networking website MySpace announced Thursday it will soon make it possible for its members to share the information on their MySpace profile with other sites such as Yahoo, eBay,...

Facebook Offers More Safety to Children

Facebook Offers More Safety to Children

After long negotiations, social networking site Facebook agreed Thursday on a safety plan with the attorneys general of 49 states and Washington D.C., just like its rival MySpace did, a few...

dotclear
Latest videos in Technology
Google Docs: Working offline
New features in Google Earth...
Photoshop Express Demo Part 2
Photoshop Express Demo!
Sliver of Silicon with 47...

dotclear
Technology You are here: Technology
» Technology   » Gadgets   » Video Games   
E-mail To A Friend Print RSS Text size: Decrease font size Increase font size
dotclear
dotclear
dotclear
Most Popular in Technology
HTC Launches 3G iPhone Killer: Touch DiamondHTC Launches 3G iPhone Killer: Touch Diamond

» read full story
dotclear

Interested In This Topic?

News Alert will keep you informed. Find out more.
dotclear
Today's Latest News
Smoking in Public Places Might Be Banned in MichiganSmoking in Public Places Might Be Banned in Michigan

» read full story
dotclear