Leopard file download security flaw discovered


Intego, makers of VirusBarrier and other Mac OS X security software, on Wednesday issued an alert regarding a flaw in the way that Mac OS X v10.5 "Leopard" handles files that have been downloaded from the Internet. This affects mail attachments, Safari downloads and iChat file transfers, according to Intego.


The problem was identified on Tuesday by Heise Security, which says it is identical to a security flaw that first came to light in Tiger Mail back in March 2006. Apple patched that flaw in Tiger, but it has apparently reappeared in Leopard, causing Heise to refer to it as "the same old error".

Heise says that a file downloaded from the Internet can contain a resource fork that will cause the Mac to open the file (if it's double-clicked by a user) in Terminal, automatically executing a shell command sequence. The file is "disguised" as another type of enclosure; in Heise's example, a JPEG image.
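A defender-side triage check for the disguise Heise describes, added here as an example (not code from Intego, Heise or Apple): it flags a file named as a JPEG whose bytes are not JPEG, that begins with a script interpreter line, or that arrives with a resource fork. It assumes the fork travels in an AppleDouble sidecar, the container used for forks in mail attachments; the function names and sample data are constructed for illustration.

```python
import struct

APPLEDOUBLE_MAGIC = 0x00051607   # AppleDouble header magic
RESOURCE_FORK_ID = 2             # AppleSingle/AppleDouble entry ID for the resource fork
JPEG_MAGIC = b"\xff\xd8\xff"     # every JPEG stream starts with these bytes

def resource_fork_length(sidecar: bytes) -> int:
    """Return the resource-fork length recorded in an AppleDouble blob, or 0."""
    if len(sidecar) < 26:
        return 0
    magic, _version = struct.unpack(">II", sidecar[:8])
    if magic != APPLEDOUBLE_MAGIC:
        return 0
    (count,) = struct.unpack(">H", sidecar[24:26])   # follows 16 filler bytes
    for i in range(count):
        start = 26 + 12 * i
        if start + 12 > len(sidecar):
            break                                    # truncated entry table
        entry_id, _offset, length = struct.unpack(">III", sidecar[start:start + 12])
        if entry_id == RESOURCE_FORK_ID:
            return length
    return 0

def triage(name: str, data: bytes, sidecar: bytes = b"") -> list[str]:
    """List the reasons a downloaded file should not be trusted as an image."""
    findings = []
    claims_jpeg = name.lower().endswith((".jpg", ".jpeg"))
    if claims_jpeg and not data.startswith(JPEG_MAGIC):
        findings.append("name claims JPEG but content is not JPEG")
    if data.startswith(b"#!"):
        findings.append("content starts with a script interpreter line")
    if claims_jpeg and resource_fork_length(sidecar) > 0:
        findings.append("image carries a resource fork")
    return findings

def _make_sidecar(rsrc: bytes) -> bytes:
    """Build a minimal AppleDouble blob holding one resource-fork entry."""
    header = struct.pack(">II16sH", APPLEDOUBLE_MAGIC, 0x00020000, b"\0" * 16, 1)
    entry = struct.pack(">III", RESOURCE_FORK_ID, 26 + 12, len(rsrc))
    return header + entry + rsrc

# Constructed sample inputs (harmless placeholders, not taken from the advisory).
SAMPLE_SCRIPT = b"#!/bin/sh\necho constructed sample\n"
SAMPLE_SIDECAR = _make_sidecar(b"\0" * 32)
SAMPLE_JPEG = JPEG_MAGIC + b"\xe0" + b"\0" * 16

if __name__ == "__main__":
    print(triage("holiday.jpg", SAMPLE_SCRIPT, SAMPLE_SIDECAR))
    print(triage("holiday.jpg", SAMPLE_JPEG))
```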

Apple has not yet released a security update for this issue, according to Intego. Intego has updated the virus definitions file used by its VirusBarrier X4 software to work around the issue.
