Security

Apple has released a new security update which fixes several critical vulnerabilities, including the widely publicized DNS flaw. Security Update 2008-005 is now available via Software Update and is recommended for all users.

As you've probably heard, a vulnerability in Apple Remote Desktop allows remote users to execute commands as root when logged in as a regular user. The problem is that ARDAgent has its setuid bit set and is owned by root, which means that it will run as root. Since it's scriptable, any commands sent via AppleScript (including those sent remotely using the osascript command) will also run as root. To demonstrate this, try the following:

osascript -e 'tell app "ARDAgent" to do shell script "whoami"'

It will say that you're root!

Exploit: OSX.Trojan.PokerStealer
Discovered: June 20, 2008
Risk: Low

Description: A Trojan horse has been found in the wild masquerading as program for Mac OS X called "PokerGame". The Trojan in question is a shell script encapsulated in an application, and is distributed in a 65 KB Zip archive; unzipped, it is 180 KB.

Check Point Software Technologies Ltd. today announced the release of Check Point Full Disk Encryption for Mac OS X, the industry's first full-disk encryption solution with pre-boot authentication to support the Mac OS. Check Point Full Disk Encryption now supports all major laptop and desktop operating systems, including Mac OS X version 10.4.5 Tiger through Mac OS X version 10.5 Leopard.

Vancouver, Canada: April 2, 2008 – Absolute® Software Corporation (“Absolute”), (TSX: ABT), the leading provider of firmware-based, patented, Computer Theft Recovery, Data Protection and Secure Asset Tracking™ solutions today announced that its industry standard Computrace® IT asset management, data protection and theft recovery services will be integrated in support of Intel® Anti-Theft Technology later this year. Computrace will be available for select Intel® Centrino® processor technology based notebooks.

Mac OS X is generally unappealing to malicious hackers. But since its popularity is bound to attract notice from the bad guys, the new version of Apple's operating system sports several security features that users and IT departments should know about.
http://www.cio.com/article/165401

Mireth Technology Corp. has released version 4.1 of NetShred X, its easy to use internet track eraser that erases internet tracks, such as cache, history and email. NetShred X runs on Mac OS X. Version 4.1 adds support for Mac OS X 10.5 (Leopard), support for Safari 3 and support for most other browsers using the custom browser feature.

Exploit: OSX.RSPlug.A Trojan Horse
Discovered: October 30, 2007
Risk: Critical

Vancouver, BC - July 18 - Absolute Software Corporation, the leading provider of firmware-based, patented Computer Theft Recovery, Data Protection and Secure Asset Tracking solutions, and Symantec Corp. have launched a marketing promotion exclusively for Apple consumers who combine the purchase of Absolute's Computrace® LoJack® for Laptops and Symantec's Norton consumer security products.

June 18, 2007 - GoGoalSoft Limited today announced the immediate release and availability of goSecure, the easy-to-use file encryption and decryption application for Mac OS X that helps keep sensitive information and files secured and nobody else can access it without a password. goSecure uses secure 128-bit AES encryption, one of the most advanced encryption algorithm currently available.