Sponsor for PC Pals Forum

Author Topic: Security holes in Mac and Linux platforms  (Read 1154 times)

Online Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Security holes in Mac and Linux platforms
« on: April 16, 2009, 23:10 »
The Register reports that a set of recently discovered security holes in Mac and Linux platforms reminds those over-confident in their superior protection that no one is immune to vulnerabilities.

H Security reports on a series of actively exploited vulnerabilities in Apple's Mac OS X operating system that remain unpatched. A vulnerability in mounting malformed HFS disk images creates a privilege elevation risk, allowing regular users to obtain root privileges.

Other exploits involving kernel system vulnerabilities create a means for hackers to crash vulnerable systems. Lastly, another unpatched flaw in AppleTalk poses a system crash (though not code injection) risk.

The flaws were first demonstrated at the CanSecWest security conference last month but remain unpatched, H Security adds.

Separately security researchers have unearthed a potential method for dropping rootkits onto vulnerable Linux systems. Anthony Lineberry, senior software engineer for Flexilis, is due to demonstrate how to hack into the Linux kernel by exploiting the driver interface to reach into physically addressable memory. At a session during the BlackHat security conference in Amsterdam on Thursday afternoon. The attack represents a new spin on a well understood class of risk, Dark Reading adds.

Properly carried out, the attack approach allows malicious processes to be hidden, hijacked system calls, and remote backdoors onto compromised machines to be established without creating much in the way of clues that an attack is taking place.

http://www.theregister.co.uk/2009/04/16/alternative_os_flaws/
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: Security holes in Mac and Linux platforms
« Reply #1 on: April 17, 2009, 00:54 »
Sam's gone all quiet.  :devil:
Slainthe!

Rik

Offline sam

  • Administrator
  • *****
  • Posts: 19977
Re: Security holes in Mac and Linux platforms
« Reply #2 on: April 17, 2009, 08:19 »
you mean I wasn't awake???  :crazy:

Of course there are holes.... I write software there are always going to be holes but the way of getting into these systems is much more difficult than windows. The best security is awareness and the majority of unix-like operating system users are on average much more aware than our Microsoft friends - this is the true value of linux. It is also much more secure in the number of open systems it offers to the world. Also there is nothing 'New' about this sort of attack. People have had demonstratable attacks like this for the past decade or so.

These things are normally patched quite quickly though...
- sam | @starrydude --

Online Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Security holes in Mac and Linux platforms
« Reply #3 on: April 17, 2009, 11:07 »
Much the same could be said of Firefox, Sam.  :)
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: Security holes in Mac and Linux platforms
« Reply #4 on: April 17, 2009, 11:23 »
And often is...
Slainthe!

Rik


Show unread posts since last visit.
Sponsor for PC Pals Forum