Mon, 30 Jul 2007 Symantec warns on Mac OS Samba bug
An unpatched bug in Mac OS X's implementation of Samba may be security risk
Symantec is warning Mac OS X users that the addition of an exploit to the Metasploit hacking framework had boosted the threat posed by an unpatched bug in Samba, the open-source file- and print-sharing software included with the Apple operating system.
Although the vulnerability was disclosed 14 May and patched that same day by the Samba community, Apple has not updated Mac OS X with a fix, said Symantec's Alfred Huger, vice president of engineering with the security company's response group.
Question of the day!
Do you use Adobe Photoshop with a Wacom tablet?
% of Macworld readers agree with you
How does a Wacom tablet improve the Photoshop experience?
Follow the conversation at @TabletChat
paintings & illustrations, mostly, which i upload to flickr.RT @fragmentedm
I draw manga/anime characters. I also do graphic design and photography.RT @spialelo
Yes. I usually put them up on my #deviantart account for feedback on how to improve.RT @spialelo
"This is significant exposure for Mac OS X users," said Huger. "Samba is used in virtually every mixed environment where there are Macs and PCs, and the threat profile is much higher now that an exploit has been added to Metasploit."
Samba, which is also used by most Linux distributions to file- and print-sharing with Windows systems, is turned on in Mac OS X when users activate the Windows Sharing feature.
This month, a trio of Brazilian researchers who collaborate as Rise Security released Mac OS X attack code for the Samba vulnerability. According to Symantec, the Rise code is "almost identical" to what the company's security team discovered in late May.
More important, said Huger, is that Rise also contributed their code to Metasploit, an open-source platform for creating, testing and launching exploit code. "Once we see something in Metasploit, we know it's likely we'll see it used in attacks," he said as he explained why Symantec had amped its earlier warning. "Every Unix-based break-in that's not hand-crafted, in other words not with the attacker sitting at the keyboard during the attack, is made with a couple of different tools, and Metasploit is by far the most popular."
The Rise-developed, Metasploit-distributed exploit successfully attacks a fully-patched Mac OS X 10.4.10 system, added Symantec, and results in the attacker gaining root privileges on the Mac.
"There is a very high probability that attackers will attempt to leverage [the exploit] to compromise Apple users, especially those connected to wireless networks," said Symantec in a separate alert issued Wednesday to customers of its DeepSight Threat network. "Wireless networks are an especially high threat, because users' systems may be exposing the service that may otherwise be protected by a gateway firewall installed on a home network."
Symantec recommended that users disable the Windows Sharing service until Apple produces a patch. Technically-astute users, however, may be able to handle the more rigorous chore of compiling the latest version of Samba manually in lieu of waiting for Apple.
Apple has not updated Samba within Mac OS X since March 2005.
Contact Us
DiggEmail A Friend
Email this article to a friend or colleague:
PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.
Permalink This Article
This articles permalink is:
http://www.macworld.co.uk/news/index.cfm?NewsID=18669
<<prev article | back to news index | next article>>
Latest News
- Apple intros Aperture 3, adds over 200 new features
- Walt Disney World iPhone update offers 300 pages, 500 photos
- VIP iPhone app drops from millionaire priced £279.99 to under a tenner
- Play.com: Google Nexus One now available for pre-order
- Amazon's Kindle gets ready to battle Apple's iPad
- Apple Store is down, new Macs imminent?
- Canon intros EOS 550D 18-megapixel DSLR camera
- WSJ: Apple could slash iPad prices if sales disappoint
- Apple offers 'find out how' tutorials as podcasts
- Adobe says sorry for 16-month-old Flash bug
- Getty launches subscription stock image service, Thinkstock
- RouteBuddy intros RouteBuddy Atlas 1.3 for iPhone, iPod touch
iPhone 3G S Video Review
Mac Broadband?
Search news
Search Google
Newsletter signup
It's easy and free to get the latest news headlines, reviews and opinions straight to your email inbox. Sign up NOW to make sure you receive the latest Mac news, reviews and tutorials on your favourite topics.
Register now
Stay on top of the latest, breaking Mac news and chat with other Mac professionals and enthusiasts about the issues that matter to you. Register with Macworld today to join our forums and receive our twice-weekly email newsletter, Macworld Mainline.
RSS
Have the latest content delivered to your desktop via RSS. Use the links below to get access to a specific blog, news, or reviews feed.
MACWORLD MARKETPLACE
 |
Computer & Laptop |
 |
Are you a new customer? Are you doubtful? |
 |
Circus Ponies NoteBook - the easy way to get organized on the Mac |
 |
50% off ebooks |
 |
Beat the Credit Crunch - Lease your Mac from Hardsoft. |
Click here for the latest reader comments