Featured Article: Just a Peek - StoryMill
FrSIRT Reports Mac Denial of Service Flaw
by , 8:20 AM EST, November 27th, 2006
The computer security watchdog group FrSIRT is reporting a new potential security threat to Mac OS X that could result in a denial of service attack. The threat takes advantage of a flaw in the kevent() function when registering certain kernel events and allows local unprivileged users to cause the system to panic.
The attack requires direct access to the affected computer, so the threat of theft or physical vandalism is probably greater than the potential for a denial of service attack.
This security threat impacts Mac OS X10.4.8 and earlier, and Apple has not yet released a security update to fix the issue. It is considered low risk, and there are currently no known instances of the exploit being used.
Observer Comments
Mon Nov 27, 2006 10:49 am Subject: This threat is beyond low it's more like buried
Mon Nov 27, 2006 12:20 pm Subject: Who said it was a big deal?
At least these people are actually being honest about this risk. They're not blowing it out of proportion like fear-mongers, the way most of these reports do.
A security hole doesn't need to be exploitable over the Internet to matter. For most home users, something that requires physical access isn't too scary, but in offices, schools, libraries, etc., it matters just as much as, if not more than, remote attacks.
Although as far as any kind of attack goes, causing a simple crash IS pretty ho-hum. You might as well just turn off the machine. *shrug* Definitely low-risk. When something like this makes it to a news site, you know the state of Mac security is pretty damned good.
Recent Headlines - Updated Friday, November 21st, 2008
- Fri., 7:15 PM
- iPO Free on iTunes - Photography Specials
- 6:35 PM
- Khronos Group Shows Off OpenCL Standard
- 5:15 PM
- John Martellaro's Blog: StrangeCharm - HD, DRM & iTunes
- 4:30 PM
- iPO iPhone Gaming News - EA Reveals Plans For SimCity on iPhone
- 4:00 PM
- Psystar Lawsuit Filings Reveal Potential Document Policy Problems at Apple
- 2:40 PM
- Mac Gaming News - Puzzle Adventure Game Book of Legends Comes to the Mac
- 2:20 PM
- TMO's DealsOnTheWeb.com - Philips 8.5" Widescreen Portable DVD Player With iPod Dock: $129.99 Delivered
- 12:05 PM
- The Simplified Guide to Buying a New HDTV System
- 10:20 AM
- PopChar X 4.1.1 Improves FreeHand 10 Support
- 9:35 AM
- iPodObserver - Apple Rolls out iPod touch Software 2.2 with Podcast Downloads
- 8:55 AM
- New Mac Malware Surfaces
- 8:35 AM
- Apple Releases Pro Applications Update 2008-004
- 8:00 AM
- iPO Review - Clusterball Arcade
- 7:35 AM
- iPodObserver - iTunes 8.0.2 Improves VoiceOver, More
- 6:55 AM
- iPodObserver - iPhone Software 2.2 Adds Google Street View, Podcast Downloads
The Mac Observer Reader Specials
- Download Typestyler, still the Ultimate Styling Tool for Internet, Print and Video Graphics. Works great in Classic with a Native OS X Version on the way. Free Tryout: www.typestyler.com
New MacPro Memory 800Mhz With Apple Spec Heat Sink - 2GB $72 / 4GB $104 / 8GB $204. Click to Maximize your Macs...
Mac observers can now play Party Poker for Mac as well as Mac casino games by going to MacPokerOnline.com.
RamJet Memory: Mac Pro FB-DIMMs: 2Gig kit $95, 4Gig Kit $179, 8Gig Kit $355! MacBook 2Gig Kit $78, 4Gig Kit $149! Click hereFor the latest Apple products use Ciao a comparison website to find laptops like MacBook Air. Then find the best prices on MP3 players and use our comparison tool to evaluate cell phones.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.
PQI i810 Plus 8GB USB Flash Drive: $18.89 Delivered 
OneCall's Weekend Sale - 20 Great Items at Great Prices All Weekend Long 
Computer Geeks' Ho Ho Holiday Deals - Save Up to 80% 
