International Mac Podcast


Although it is true that some Trojans use vulnerabilities like the current ARDAgent vulnerability to gain root access, they do not need to. The core message about Trojans is getting lost amidst all the talk about plugging this vulnerability. Even if there were not a single vulnerability in OS X, we would still be at the mercy of Trojans. That’s the whole point of Trojans. Any program you run can do anything you can do. Let’s think about that for a moment: what can you do on your system without needing a password? Here’s a short list for starters:

  • You can run programs.
  • You can read, edit, and delete files.
  • You can use the network.
  • You can set programs to auto-start each time you log in.

Remember, a Trojan is just an ordinary program that pretends to do something you want, but actually does something else. It could delete all your files. It could run a key logger and phone home with your credit card number, user names and passwords, bank details, etc. It could use your machine to send spam. It can set itself to run automatically each time you log in and continue with its nefarious actions. It can do all this WITHOUT the need to exploit a single vulnerability in your OS or your software. If you can do it, a Trojan can. Think about that for a second; it’s not a comforting thought!


Categories: Articles & Thoughts

The next update to OS X Leopard hit Software Update today, as did a security update for OS X Tiger. As well as a few bug fixes and some under-the-hood changes, 10.5.4 contains all the same security fixes that were released separately for Tiger. You can get the full list from Apple here. The executive summary boils down to the usual array of potential crashes and arbitrary code execution. However, two bugs stand out as being particularly nasty: one in SAMBA (Windows File Sharing), which leaves your computer open to exploitation over the network if you’re sharing out folders over SAMBA, and one in Safari, which leaves you vulnerable to being exploited by simply visiting a web page. Notably absent from this list of fixes is the issue with ARDAgent, which is currently being exploited by an OS X Trojan (more in my previous post).

Bottom line: even if you don’t use Safari or Windows file sharing, you should update soon, but if you do, you should probably update ASAP.

Categories: News