Telstra has revealed the addition of almost one million new mobile services in the six months to December 2011, but Sensis revenues plummeted 24 percent in 12 months.
A flaw, described as highly critical in a current version of Apple Mac OS X has been reported by a security researcher, who has also published a sample of exploit code for the vulnerability on the web.
The vulnerability enables the Safari web browser
to load corrupted image files from a malicious website allowing
attackers to gain escalated privileges enabling them to run executable
code on the system.
The security researcher who discovered the flaw uses the acronym LMH
and reports: "Mac OS X com.apple.AppleDiskImageController fails to
properly handle corrupted DMG image structures, leading to an
exploitable memory corruption condition with potential kernel-mode
arbitrary code execution by unprivileged users.
"This issue is remotely exploitable as Safari loads DMG files from
external sources (ex. visiting an URL). This can be prevented by
changing the Preferences and deactivating the functionality for
'opening "safe" files after downloading'.
"Right now, Apple doesn't provide a public specification for the DMG
format, nor source and/or API reference for
com.apple.AppleDiskImageController. Although, the binary-form code can
be found at
/System/Library/Extensions/IOHDIXController.kext/Contents/MacOS/IOHDIXController."
Danish security researcher Secunia, which has previously been busy
unveiling flaws in IE7, rates the currently unpatched Mac OS X flaw as
highly critical, meaning a remote user can gain control of an affected
system.
Apple has yet to issue a statement concerning the flaw.
David Bass
| For the fourth year in a row, IDC has placed content security provider Websense (NASDAQ: WBSN) at the top of the IDC Worldwide Web Security 2011 –…
How to Make Business Discovery Work for Your Business
Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more
Try an easy-to-use set of web-enabled
tools for business-class productivity services. Office 365 provides
anywhere-access to email, important documents, contacts, and calendars
on almost any device.