updated 02:55 pm EDT, Wed June 6, 2007
OS X an exploit target
Analysts and security firms are increasingly recognizing Mac OS X as a potential target for exploits, though the actual threat so far has been virtually non-existent. A security research company released a piece of exploit code targeting a port mapping vulnerability in Mac OS X less than 24 hours after Apple had released a patch for it, a potential sign that interest in such vulnerabilities is higher than previously accounted for.
Rob Enderle, principal analyst for the Enderle Group, told eWeek: "It is very Microsoft. It's something we've grown to expect in Microsoft: The descriptions of patches lead people to write exploits for something that's been patched. It was only a matter of time before that kind of behavior hit [the Mac] platform. People are going after consumers, and they're going after consumers broadly."
Analysts and some security researchers fault Apple for lacking a scheduled, regular patch process such as Microsoft's "Patch Tuesday" mechanism or Oracle's tri-monthly system. Still, Apple is noted for its responsiveness in patching problems as they arise, despite the lack of regularity.
Analysts also call for the implementation of ASLR (address space layout randomization), a technology that randomizes where code and data are placed in memory so that the addresses an exploit depends on are difficult to determine. Microsoft has implemented this functionality in Windows Vista, though some would argue it's not necessary in Mac OS X, and Vista's implementation is far from bulletproof.