Thread: Mac users - be aware
View Single Post
  #14  
Old August 5th 15, 02:09 AM posted to rec.photo.digital
Eric Stevens
external usenet poster
  
Posts: 13,611
Default Mac users - be aware
On Tue, 4 Aug 2015 17:38:14 -0700, Savageduck
wrote:

On 2015-08-04 22:21:24 +0000, Eric Stevens said:

On Tue, 4 Aug 2015 14:19:24 -0700, Savageduck
wrote:

On 2015-08-04 20:47:33 +0000, Eric Stevens said:

http://www.theregister.co.uk/2015/08..._exploit_wild/

"The amusing vulnerability in Apple's OS X that grants
administrator-level access to anyone who asks is being exploited in
the wild by malware. Yeah, malware exists for Macs, this isn't the
1990s.

Anyone logged in to a vulnerable OS X computer, or any software
running on it, can use the security hole to gain the same privileges
as the powerful root user, meaning they can install new programs,
change files, remove or add new users, wreck the system, and so on, at
will.

According to Adam Thomas of Malwarebytes, dodgy software distributed
on the internet is now exploiting the vulnerability to inject the
VSearch and Genieo adware plus the MacKeeper junkware on to Macs, and
point users at an app to download from the official App Store."

... more

Thanks for the warning, but this is more of the usual FUD. Can you say
proof of concept, yet to be found in the wild.

You should read the article to which I linked.

"According to Adam Thomas of Malwarebytes, dodgy software
distributed on the internet is now exploiting the vulnerability to
inject the VSearch and Genieo adware plus the MacKeeper junkware on
to Macs, and point users at an app to download from the official
App Store."

It doesn't sound easy to do but if Malwarebytes are into it, it's real
and out there.

The Mac groups have been discussing this for the last two days and they
address another source. rather than that anti-Apple screed and FUDfest
"The Register".

The vulnerability might exist and Mac Usenet users are well aware of
it. However, it is one that most Mac users running the latest software,
and using established installation procedures of apps from known
sources, are not going to have to deal with.

As with all of these things the ones most vulnerable are those who
install questionable stuff to start with, and they have to play an
active part in that installation. The malware in question is not going
to infect any Mac without being invited in by that Mac's owner.

That's what the article said.
--

Regards,

Eric Stevens