 |
 Stephen Withers turns his gaze on the world of Apple, with
detours into other aspects of IT and communications as they catch his
attention. |
Technology news and Jobs 
Our Blogs Core Dump Drive-by downloads danger from new Mac Trojan: Symantec
Our Blogs Core Dump Drive-by downloads danger from new Mac Trojan: Symantec | Drive-by downloads danger from new Mac Trojan: Symantec |
|
| by Stephen Withers | |
| Tuesday, 24 June 2008 | |
|
Page 3 of 3 At least three unofficial fixes have been suggested. The idea that starting the Remote Management service (via the Sharing system preference) would provide protection was short lived, as it is too easy for an exploit to disable remote management and then restart it.Kou Man Tong, a Hong Kong based software developer, has suggested disabling AppleScript support in ARDAgent by editing its plist (property list). He claims this prevents the exploit from working whether or not Remote Management is active, but without interfering with the normal use of Apple Remote Desktop for remote administration. However, the legitimate use of AppleScripts via Remote Management would also be blocked. But if the privilege escalation exploit fails, the Trojan poses as a software update and asks the user to provide administrative login credentials, Sophos senior technology consultant Sean Richmond told iTWire. So while cautious and sophisticated Mac users will no doubt feel as secure as they did before the discovery of the latest Trojans, those who manage computers used by colleagues or family members who take a more cavalier attitude to browsing and downloading may think again about the need for security software that can detect such malware.
Get stories like this delivered daily - FREE - subscribe now
|
Tags
| < Next story in category | Previous story in the category > |
|---|
