I usually refrain from posting “theoretical” OS X exploits since they rarely pose any real threat to Mac users. However, several sources are now reporting multiple Mac Trojan horses in the wild. These Trojans exploit a root vulnerability in Apple Remote Desktop Agent in Mac OS X 10.4 and 10.5.
This exploit has been rated as “critical”, but it does require that a user download and open the Trojan file.
Pay attention, folks. We knew that Macs would come more and more into hackers’ focus as market share grew.
It appears that identity theft has hit Apple’s iTunes store.
ComputerWorld is reporting in their article “Phishers point scam at Apple’s iTunes” that some people are receiving email messages telling them that a problem must be corrected in their iTunes account. The email contains a link to a bogus iTunes billing page that asks the user to re-enter their information, including credit card number, security code, and other information for identity theft.
I will be providing my observations and picks from this year’s MacWorld Expo. But I will not be providing live coverage of the Keynote by Jobs. For that, try the following sites:
There are a fair number of predictions this year for MacWorld Expo 2008. They begin each year in December, then reach a fever pitch in the weeks before the expo. I won’t go over all of the predictions and rumors I’ve come across, but I will offer here a few of the more interesting ones I’ve seen.
MacBook Tablet
This rumor has appeared on several sites, each with an interesting take on what form this tablet will take. Common to all the predictions is that it will be small (13″), thin, and a tablet. Here is an interesting video of what form it might take:
Next Gen iPhone
The other rumor I am particularly fond of is the unveiling of the next generation iPhone. Among the most important features of this new iPhone will be 3G wireless technology and the unshackling of its service to the AT&T network. Also, look for some interesting new apps to be introduced for the iPhone.
Mid-Range Mac Desktop
This last rumor is also one I’ve been wishing for: a mid-range, easily upgradeable desktop Mac positioned between the iMac line and the Mac Pro line. This should be at a price point that makes it attractive for the PC switchers.
The QuickTime vulnerability originally reported on November 15 seems to have been spotted in the wild. This is not good news.
Apple made a decision to change the firewall settings in Leopard, provoking some serious questions about the security of this new OS. This latest security issue puts a spotlight on what may become a real thorn in Apple’s side.
This from Symantec:
Originally, the flaw was disclosed on November 23, 2007 by Polish security researcher Krystian Kloskowski and since then we have seen a number of exploits targeting the vulnerability being released to the public. But now the exploit is active and in the wild, meaning web surfers are in danger of being attacked. Our current analysis is also leading us to believe that there may be multiple attacks in existence. Further investigation is currently under way to confirm this.
Let me briefly explain what we have seen. The attack we have confirmed today begins with the popular IFRAME. An IFRAME code that causes the browser to make an additional request to another URL is embedded in a porn site. Without knowledge, users visiting this site are redirected to the malicious site serving the exploit. Currently, the malware that is downloaded by the exploit is detected by Symantec as Downloader. We are still studying the attack in depth, so look out for more information at a later time.
Since a patch to correct the issue has yet to be released, we advise users to be cautious when browsing the web. For those of you seeking extra protection, we also recommend the following options:
- Run web browsers at the highest security settings possible.
- Disable Apple QuickTime as a registered RTSP protocol handler.
- Filter outgoing activity over common RTSP ports, including TCP port 554 and UDP ports 6970-6999.
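
The RTSP port guidance in the last bullet can also drive detection while a filter is being rolled out. The following is an added example, not code from Symantec or from the original post: it flags outbound flows to TCP 554 and UDP 6970-6999 in connection records. The record format, the internal range `10.0.0.0/8`, the approved-server allowlist and the sample lines are all assumptions constructed for illustration.

```python
import ipaddress

# Ports named in the guidance quoted above.
RTSP_TCP_PORTS = {554}
RTSP_UDP_PORTS = range(6970, 7000)  # UDP 6970-6999 inclusive

# Constructed sample records: "proto src_ip:port -> dst_ip:port" (assumed format).
SAMPLE_FLOWS = [
    "tcp 10.0.0.5:49152 -> 203.0.113.10:554",
    "udp 10.0.0.5:49153 -> 203.0.113.10:6970",
    "udp 10.0.0.7:49154 -> 203.0.113.10:6999",
    "udp 10.0.0.7:49155 -> 203.0.113.10:7000",  # just outside the UDP range
    "tcp 10.0.0.8:49156 -> 198.51.100.20:80",   # ordinary web traffic
    "tcp 10.0.0.9:49157 -> 10.0.0.20:554",      # internal only, not egress
    "tcp 10.0.0.6:49158 -> 192.0.2.50:554",     # approved streaming server
]

def parse_flow(line):
    """Split one record into (proto, src_ip, dst_ip, dst_port)."""
    proto, src, arrow, dst = line.split()
    if arrow != "->":
        raise ValueError(f"unrecognised flow record: {line!r}")
    src_ip = ipaddress.ip_address(src.rsplit(":", 1)[0])
    dst_ip, dst_port = dst.rsplit(":", 1)
    return proto.lower(), src_ip, ipaddress.ip_address(dst_ip), int(dst_port)

def is_rtsp_port(proto, port):
    """True if proto/port falls in the RTSP ranges listed in the advisory."""
    if proto == "tcp":
        return port in RTSP_TCP_PORTS
    return proto == "udp" and port in RTSP_UDP_PORTS

def flag_rtsp_egress(lines, internal_net="10.0.0.0/8",
                     allowed_servers=("192.0.2.50",)):
    """Return records leaving internal_net for RTSP ports on unapproved hosts."""
    net = ipaddress.ip_network(internal_net)
    allowed = {ipaddress.ip_address(a) for a in allowed_servers}
    flagged = []
    for line in lines:
        proto, src, dst, port = parse_flow(line)
        if src not in net or dst in net or dst in allowed:
            continue  # not egress, or an approved streaming destination
        if is_rtsp_port(proto, port):
            flagged.append(line)
    return flagged

if __name__ == "__main__":
    for hit in flag_rtsp_egress(SAMPLE_FLOWS):
        print("RTSP egress:", hit)
```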