  #1  
Old March 2nd, 2006, 09:22 AM
sirstaunch
Security Check

Hope this is the right spot, but this is a vulnerability check on your OS. I did the Security update today so it passed on me, so I wonder if it happens on someone else's machine who hasn't updated. Should be harmless, but I take no responsibility.

Quote:
Apple Mac have had a bad press the last few weeks over security. Here is a little test to see if you are vulnerable to a weakness in Safari and Mail.

http://secunia.com/mac_os_x_command_...rability_test/

Follow the instructions regarding the link, and if you have the application Calculator open then you are vulnerable and therefore should run your Software Update and download the latest security update from Apple named Apply Security Update 2006-001.

Be interesting to know if this test is real or not??
__________________
PowerPC5200 48mb 80mhz OS8.6
PowerPC7500 192mb 180mhz OS9.2.2
eMac 1.42ghz (now) 1GIG Ram (just added extra 512mb 30/8/07) OSX10.4.10
It Keeps Getting Better!!!
  #2  
Old March 2nd, 2006, 10:07 AM
barhar
01. The file 'Secunia.mov.zip' is downloaded to your Macintosh.

Now, all the 'ifs' ...

02. If 'Safari' is your web browser, and if its 'Preferences', 'General' tab panel's 'Open "safe" files after downloading' check box is check marked, then the '.zip' file will be automatically de-compressed (to 'Secunia.mov'). However, the '.mov' file has the permissions of '-rwxr-x--x'; therefore, MacOS X will run (open, launch, execute) the executable file.

What is in the 'Secunia.mov' file? ...

/Applications/Calculator.app/Contents/MacOS/Calculator; exit

Naturally, nowhere on the Secunia web page or its 'What should you do?' linked web page is it stated to uncheck the 'Open "safe" files after downloading' check box.

-----

Summary:

By not having Safari's 'Preferences' 'General' tab panel's 'Open "safe" files after downloading' check box check marked; and / or any other web browser's 'Preferences' set similarly; and, having one's download folder set to List view - one would immediately note the 'kind' of the 'Secunia.mov' file as 'Terminal document', instead of 'QuickTime Movie'.

---

The same advice was made around April 2004 when the 'MP3Concept' MacOS X Trojan horse was released. Oops, sorry - the 'proof of concept' '.mp3' file was noted by the security firms [(1), (2), etc.], press [(1), (2), etc.], and lesser informed [those who have posted to macosx.com and similar web sites, stating - I have virus, worm, or trojan horse ...]. In that particular case, the List view 'kind' of the '.mp3' file was 'Application', instead of 'Preview', 'GraphicConverter', etc.

---

Apple's 'Mail' is not my primary e-Mail'er application; therefore, I have no say as to its actions related to the 'Secunia.mov.zip' file.

Supposedly, the recent 'Security Update 2006-001', at Apple Downloads, as by 'MacWorld' - resolves such issues.

Last edited by barhar; March 3rd, 2006 at 09:30 PM.
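
Added example (not part of barhar's post or of the Secunia test): a Python check a defender could run on a downloaded archive before opening it. It flags entries whose name claims a media type but which carry Unix execute bits or, for '.mov', lack a QuickTime atom header, which is the mismatch the post above describes. The function names, the extension list and the sample archive are constructed for illustration.

```python
import io
import os
import stat
import zipfile

# Extensions a user expects to open in a viewer or player, never to execute (assumed list).
MEDIA_EXTS = {".mov", ".mp3", ".jpg", ".gif", ".pdf"}

def looks_like_quicktime(head: bytes) -> bool:
    # A QuickTime file starts with an atom: 4-byte size, then a 4-byte type code.
    return len(head) >= 8 and head[4:8] in (b"ftyp", b"moov", b"mdat", b"wide", b"free", b"skip")

def audit_zip(data: bytes) -> list:
    """Return (name, reasons) for media-named entries that look like programs."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            ext = os.path.splitext(info.filename)[1].lower()
            if info.is_dir() or ext not in MEDIA_EXTS:
                continue
            reasons = []
            # Unix permissions sit in the high 16 bits when the creating system is Unix (3).
            mode = info.external_attr >> 16
            if info.create_system == 3 and mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
                reasons.append("executable bits %s" % stat.filemode(mode))
            with zf.open(info) as fh:
                head = fh.read(16)
            if ext == ".mov" and not looks_like_quicktime(head):
                reasons.append("no QuickTime atom header")
            if reasons:
                findings.append((info.filename, reasons))
    return findings

def build_sample() -> bytes:
    # Constructed archive: one entry with the permissions quoted in the post, one honest entry.
    entries = [("Sample.mov", 0o751, b"echo constructed sample; exit\n"),
               ("Clip.mov", 0o644, b"\x00\x00\x00\x14ftypqt  \x00\x00\x00\x00")]
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, perm, body in entries:
            zi = zipfile.ZipInfo(name)
            zi.create_system = 3
            zi.external_attr = (stat.S_IFREG | perm) << 16
            zf.writestr(zi, body)
    return buf.getvalue()

if __name__ == "__main__":
    for name, reasons in audit_zip(build_sample()):
        print(name, "->", "; ".join(reasons))
```

Only 'Sample.mov' is reported; the entry with ordinary '-rw-r--r--' permissions and a QuickTime header passes.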
All times are GMT -5. The time now is 01:36 PM.

