
April 27th, 2007

More on the MacBook Pro browser exploit

Posted by Jason D. O'Grady @ 6:45 am

Categories: Hack, MacBook Pro, Security

Tags: Security, Network, Apple MacBook, Web Browser, Apple MacBook Pro, Attack, Jason D. O'Grady

If you haven't been following the hack of the Safari Web browser on a MacBook Pro, there are some details that you should know.

First, as I reported on Wednesday, the attack is not native to the Macintosh. The flaw actually lies in the way Apple's QuickTime Media Player works with the Java programming language; therefore, Firefox browsers running on Windows are also vulnerable if the QuickTime plug-in is installed.

Fellow ZD blogger Ryan Naraine has posted an excellent interview with the orchestrator of the attack, security researcher Dino Dai Zovi. An excerpt:

I do manual code inspection, that's my primary research tactic. I look at feature sets. I look at the entire attack surface, look in areas of functionality where there were vulnerabilities in the past. I look at the entire attack surface, see what looks dangerous, what looks sketchy. In this case, there was blood in the water so I started looking at something specific and found this one. Then I worked up the exploit from there.

Ryan has also debunked the assertion that the MacBook Pro exploit is "in the wild":

An anonymous blogger claims he/she was able to monitor the network at CanSecWest security conference and snag a full packet capture of the contest…

To which a CanSecWest organizer responded:

Someone may have reverse-engineered the vulnerability but they didn't pull it off the network there.

Daring Fireball's John Gruber has also interviewed Dai Zovi, whose background "is primarily on the 'adversarial' or 'offensive' side of security testing." This means that he generally plays the role of "a determined and skilled attacker in order to compromise the security of a network, web application, software application, or operating system."

Although the exploit hasn't been published and it only gains user-level privileges, it still allows an attacker to read, delete, or corrupt anything in your home directory. Until Apple releases a patch for the flaw, you'd be well advised to turn off Java in your Web browser.

Jason D. O'Grady is the editor of PowerPage.org, which has been publishing daily mobile technology news since December 1995.


  • Talkback
  • Most Recent of 2 Talkback(s)
2 corrections
Wrong. Windows doesn't have a compatible command shell and since this attack uses the command shell, Windows is 100% immune to this attack. However, I'm more than willing to hold you to a new stand...
Posted by: ozzietheowl Posted on: 04/28/07
2 corrections  NonZealot | 04/27/07
2 corrections  ozzietheowl | 04/28/07
