Bug of the day hits Mac Finder

Stephen Withers
Wednesday, 10 January 2007 06:00

Your IT - Home IT

A bug allegedly reported to Apple around a month ago is the subject of today's Month of Apple Bugs disclosure.

According to MoAB's Kevin Finisterre, memory corruption occurs in the Finder if an attempt is made to mount a disk image file containing a volume name longer than 255 characters. The condition "leads to an exploitable denial of service condition and potential arbitrary code execution."

The significance is that Mac software is most commonly distributed via the Internet as disk image files, so users are accustomed to downloading and opening them. While word would quickly spread about any attempt to use this for a denial of service attack, a successful code execution exploit could affect a significant number of machines before news got out.

According to the disclosure, creating such an exploit would not be trivial.

The suggested workaround? "Don't attempt to mount untrusted DMG files, [and] disable Safari 'Open safe files' in it's [sic] preferences dialog". After previous scares, we'd hope everyone's already done the latter.