[Full-disclosure] Question about Mac OS X 10.4 Security
KF (lists)
kf_lists at digitalmunition.com
Tue Feb 28 15:49:09 GMT 2006
> I think you're living in a fantasy world. The recent vulnerability,
> which allows the running of arbitrary code simply by clicking on a
> linked zip file will probably result in at least a handful of new
> viruses/worms for the Mac platform within the next week or two.
>
I agree 100% . Zip file / metadata bug added to a malicious InputManager
, fucked up dyld file or environment.plist is like instant IE style
popup city for Mac users running Safari. It would literally take about
20 minutes to put something together.
-KF
Full-Disclosure is hosted and sponsored by Secunia.