Mac OS X's Software Update facility could be vulnerable to attack by hackers, claims security list Bugtraq.
Bugtraq is maintained by computer-security specialist Securepoint Technologies. The list (a moderated forum for independent reports) claims Software Update, “when configured by default, checks weekly for new updates from Apple”.
It explains: “HTTP is used with absolutely no authentication. Using well known techniques, such as DNS Spoofing or DNS Cache Poisoning, it is trivial to trick a user into installing a malicious program posing as an update from Apple.”
Root out
The message warns that, because Apple's software updates are installed as “root”, exploitation of the vulnerability can lead to “root compromise” on affected systems. The report explains that affected systems include Mac OS X 10.1.x and (possibly) Mac OS X 10.0.x. Mac OS 9.x systems are not affected, as they do not employ Unix root-level privileges.
No patch is available yet. An exploit for this vulnerability has been released to the public for “testing purposes” – though not by Apple or Securepoint Technologies.
In the short term, Mac OS X users could try adjusting their Software Update settings to install updates manually, checking updates for veracity before installation.
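What checking an update for veracity can look like in practice, as an added example (not code from Bugtraq, Apple or the original report). It assumes a SHA-256 digest for the update was obtained over a separate authenticated channel; the URL, package bytes and the vet_update function are constructed for illustration.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# Constructed sample data: stand-ins for package bytes, not real Apple updates.
GENUINE_PKG = b"constructed-sample: genuine update payload v1"
TAMPERED_PKG = b"constructed-sample: payload served by a spoofed host"

# Hypothetical URL; the hostname is identical whichever server DNS resolved to.
UPDATE_URL = "http://updates.example.com/SampleUpdate.pkg"

# Assumption: this digest reached the user over a separate authenticated channel.
TRUSTED_SHA256 = hashlib.sha256(GENUINE_PKG).hexdigest()


def vet_update(url: str, package: bytes, trusted_sha256: str) -> dict:
    """Decide whether a downloaded package may be installed as root."""
    findings = []
    parts = urlsplit(url)
    if parts.scheme.lower() != "https":
        # Plain HTTP gives no proof of which server answered, so the URL
        # and hostname say nothing about who produced these bytes.
        findings.append("transport-unauthenticated")

    actual = hashlib.sha256(package).hexdigest()
    # Constant-time comparison of the computed and trusted digests.
    digest_ok = hmac.compare_digest(actual, trusted_sha256.strip().lower())
    if not digest_ok:
        findings.append("digest-mismatch")

    # Only the content check authorises installation; the transport finding
    # is reported so the weak channel stays visible.
    return {"install": digest_ok, "sha256": actual, "findings": findings}


if __name__ == "__main__":
    for label, pkg in (("genuine", GENUINE_PKG), ("tampered", TAMPERED_PKG)):
        print(label, vet_update(UPDATE_URL, pkg, TRUSTED_SHA256))
```

Both downloads come from the same URL, so only the digest comparison separates the genuine package from the substituted one.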
Local Apple UK representatives have so far been unavailable for comment. However, the company's treatment of security concerns is known. A note on the company's Web site reads: “For the protection of our customers, Apple does not disclose, discuss or confirm security issues until a full investigation has occurred and any necessary patches or releases are available.”