Apparently the new problem lies in the way that Mac OS X processed
archived files. An attacker could embed malicious code into a ZIP file and then host it on
a website. The file and the embedded code would run when a Mac user visited the
malicious site using the Safari browser. The operating system would execute the commands
that came in the metadata for the ZIP files. This problem was made even worse
by the fact that Safari would automatically open these files when it encountered
them on the Web. There is evidence that even ZIP files are not necessary to conduct this
kind of attack. The shell script can be disguised as practically anything. This is due to the
Mac OS Finder, which is the component of the operating system that is used to view and
organize files. This kind of malicious file can even be disguised as a JPEG image.
This can occur because the operating system assigns each file an identifying icon that
is based on the file extension, but decides which application will handle the file
based on the file permissions. If the file has any executable bits set, it will be run using Terminal,
the Unix command-line prompt used in Mac OS X. While there have been no
large-scale reported attacks that have taken advantage of this vulnerability, it still represents
a shift in the security world.
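The mismatch described above, between the icon chosen from the file extension and the handler chosen from the permission bits, can be checked for in a folder of downloaded or extracted files. The following Python code is an added example, not part of the original text; the extension list, the function names and the sample files are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

# Assumption: extensions whose icon suggests passive content (constructed list).
PASSIVE_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".txt", ".mp3", ".mov"}
EXEC_BITS = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH

def classify(path):
    """Return reasons why a passive-looking file would be handled as a program."""
    mode = os.lstat(path).st_mode
    ext = os.path.splitext(path)[1].lower()
    if ext not in PASSIVE_EXTS or not stat.S_ISREG(mode):
        return []  # honest extension, or a symlink/device/directory
    reasons = []
    if mode & EXEC_BITS:
        reasons.append("executable bit set")
    with open(path, "rb") as fh:
        if fh.read(2) == b"#!":
            reasons.append("starts with a script interpreter line")
    return reasons

def audit(root):
    """Walk root and map each mismatched file (relative path) to its reasons."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if reasons := classify(full):
                findings[os.path.relpath(full, root)] = reasons
    return findings

def build_sample(root):
    """Write constructed sample files: (name, content, mode)."""
    samples = [
        ("photo.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 16, 0o644),  # image header
        ("holiday.jpg", b"#!/bin/sh\necho constructed sample\n", 0o755),
        ("build.sh", b"#!/bin/sh\necho ok\n", 0o755),  # honest extension, ignored
    ]
    for name, content, mode in samples:
        path = os.path.join(root, name)
        with open(path, "wb") as fh:
            fh.write(content)
        os.chmod(path, mode)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(audit(tmp))
```

Only the file whose extension promises an image while its permissions and first bytes mark it as a script is reported; the genuine image and the honestly named shell script are not.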