toggle

AAPL Stock: 427.89 ( -3.88 )

http://www.macnn.com/articles/07/07/17/new.worm.for.mac.os.x/

New worm developed for Mac OS X?

updated 09:45 am EDT, Tue July 17, 2007

 

New worm for Mac OS X?


An independent coder claims to have developed a new worm for Mac OS X computers. An unnamed, proof-of-concept project, the worm exploits a variation of the mDNSResponder vulnerability recently addressed by Apple -- if not completely, according to the coder. Once an attack is successful, the worm grants remote root access, and places a text file on the desktop before moving on to other systems in the same network. Theoretically, an improved version could be a serious threat, randomly attacking networks across the world and depositing malcious software instead of text.

The writer of Information Security Sell Out, however, says he has merely tested it on local systems and will eventually share his information with Apple, so that the vulnerability can be fixed. Part of his stated goal is to dispel notions that Mac OS X is somehow more secure than Windows, an aim shared with many current security commentators.


by MacNN Staff

Post tools:

TAGS :

 Apple

Related Articles

Recent Articles

toggle

Comments

  1. gskibum3

    Fresh-Faced Recruit

    Joined: Nov 2006

    0
    07/17, 10:01am | report spam | Reply |

    Worm?

    Any info on how this "worm" wold be able to spread?

  1. horvatic

    Fresh-Faced Recruit

    Joined: Apr 2002

    0
    07/17, 10:02am | report spam | Reply |

    Another Theory more FUD!

    Another theory and more FUD! What does it prove? Absolutely NOTHING.

  1. wings_rfs

    Fresh-Faced Recruit

    Joined: Dec 2002

    0
    07/17, 10:10am | report spam | Reply |

    Somehow?

    "Part of his stated goal is to dispel notions that Mac OS X is somehow more secure than Windows."

    Well if he could "somehow" create a website that I could visit, and just by going there I become part of a botnet, maybe THEN he can start dispelling notions. Until then this is just more FUD piled on to the mountain of FUD already created.

  1. gskibum3

    Fresh-Faced Recruit

    Joined: Nov 2006

    0
    07/17, 10:20am | report spam | Reply |

    ????

    Next headline for macnn?

    Microsoft stock to reach $1,000,000 per share? gskibum3 sells one of his Ferraris?

    What is with these headlines ending in question marks?

    Isn't that inane?

    ???

  1. Rezzz

    Fresh-Faced Recruit

    Joined: Jan 2006

    0
    07/17, 10:23am | report spam | Reply |

    be careful..

    ..what you wish for.

  1. hokizpokis

    Fresh-Faced Recruit

    Joined: Jan 2007

    0
    07/17, 12:56pm | report spam | Reply |

    blah blah blah??

    actually no 'worm' here at all, just a hack to create a 'root' user, all one would need to do is have the OSX firewall turned 'on' and the mac would not respond to the 'dnsresponder' request at all... duh

    what's wrong been running your mac again sans firewall?? don't ware seatbealts?? running with siccors again??

    if your so conserned about security I'd think you would at least turn on the firewall... which sits on the mackernel and setup a non-admin user to surf the net with if your paranoid... keep your cash under the mattress and keep your front door unlocked and you too will find the milkman in bed with your teenager daughter... ugly thought

    ...who's the brilliant hacker this time??

    can you say 'looser' in french??

  1. dogzilla

    Grizzled Veteran

    Joined: Sep 1999

    0
    07/17, 01:26pm | report spam | Reply |

    re: blah blah blah??

    Where to start?

    First - don't berate others for not using a firewall when you don't know enough to use a spell-checker if your spelling sucks.

    The firewall does *not* sit on the Mach Kernel. It is a separate process, and most folks will not enable it, because Macs are "more secure".

    mDNSResponder is a key and low-level part of the OS - it is what enables Bonjour discovery of services. Read http://developer.apple.com/networking/bonjour/faq.html for more. It is unlikely that your average user will know how to set up the firewall to block it. I'm fairly certain you don't.

    It is unclear to me whether this worm would be limited to local networks, as bonjour and mDNSResponder is - it has the ability to do Unicast over the internet but I'm not certain that's enough for a worm to propagate. Even if it can, I'm not certain how it would create a root user for those who have not enabled it. If both of these are true, then this is a serious and huge vulnerability. In any case, it's definitely something worth taking seriously until disproven.

    And it's 'loser', not 'looser'. In French it's roughly translated as 'hokizpokis est un cretin'.

  1. Robb

    Fresh-Faced Recruit

    Joined: Feb 2000

    0
    07/17, 01:28pm | report spam | Reply |

    Not Professional

    While I believe my Mac is much more secure than Windows, I also understand that it's not invulnerable. Some of these coders who are bound and determined to expose security flaws in OS X claim to be part of professional services groups. If that's really the case, then they'll work with Apple to close any holes before they can be exposed in the wild.

  1. CorDog

    Fresh-Faced Recruit

    Joined: Mar 2006

    0
    07/17, 01:52pm | report spam | Reply |

    Here we go again!

    "Part of his stated goal is to dispel notions that Mac OS X is somehow more secure than Windows, an aim shared with many current security commentators."

    Even if this were true, here is the score.

    Mac OS X = 1 Window = 110,000+

    Yep, looks pretty close to me, I guess the Mac is just as unsecure as Windows!

  1. testudo

    Forum Regular

    Joined: Aug 2001

    0
    07/17, 02:01pm | report spam | Reply |

    firewall

    And why doesn't apple turn the firewall on by default, anyways?

Show More Comments

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Logitech FabricSkin Keyboard Folio for iPad

Since the fourth-generation iPad didn't evolve much over its predecessor, the market for iPad accessories has remained somewhat static ...

Huawei Ascend Mate

The Huawei Ascend Mate is a phone that fits the screen-size gap between the 4 to 5-inch smartphone and the seven-inch or more tablet, ...

MaxUpgrades MaxConnect for 2006-2008 Mac Pro

Nobody outside of Cupertino's privileged bunch knows the future of the Mac Pro line for sure. Despite Apple's reluctance to tell us wh ...

toggle

Most Commented

 

Popular News