11:29 PM
Sanjeev Saju
IDG News Service-Microsoft has detected a new piece of malware targeting Apple OS X computers that exploits a vulnerability in the Office productivity suite patched nearly three years ago.
The malware is not widespread-wrote Jeong Wook Oh of Microsoft's Malware Protection Center.But it does show that hackers pay attention if it's found people do not find patches as those fixes are released,putting their computers at a higher risk of getting affected.
''Exploiting Mac OS X operating systems is not much differ form other operating systems'',Oh wrote.''Even though Mac OS has introduced many mitigation technologies to reduce risk,your protection against security vulnerabilities has a direct correlation with updating installed applications.''
The Security update which Microsoft released in June 2009,MS09-027,addressed two vulnerabilities that could be used by an attacker to gain remote control over a machine and run other code.But vulnerabilities could be exploited with a specially crafted Word Document.
The Exploit discovered by Microsoft doesn't work with Snow Leopard and prior versions.Oh wrote that it is likely attackers have knowledge about computers they are attacking ,such as victim's operating system version and patch levels.
The malware delivered by the exploit is written specifically for OS X and is basically a 'backdoor',or a tool that allows for remote control of a computer.
Microsoft advised those who use Microsoft Word 2004 or 2008 for Mac or the Open XML File Format Converter for Mac to ensure those products have applied the patch.
"In conclusion we can see that Mac OS is not safe from malware'',Oh wrote.''Statistically speaking,as this Operating System gains in consumer usage,attacks on the platform will increase''.
Send news tips and comments to jeremy_kirk@idg.com
The malware is not widespread-wrote Jeong Wook Oh of Microsoft's Malware Protection Center.But it does show that hackers pay attention if it's found people do not find patches as those fixes are released,putting their computers at a higher risk of getting affected.
''Exploiting Mac OS X operating systems is not much differ form other operating systems'',Oh wrote.''Even though Mac OS has introduced many mitigation technologies to reduce risk,your protection against security vulnerabilities has a direct correlation with updating installed applications.''
The Security update which Microsoft released in June 2009,MS09-027,addressed two vulnerabilities that could be used by an attacker to gain remote control over a machine and run other code.But vulnerabilities could be exploited with a specially crafted Word Document.
The Exploit discovered by Microsoft doesn't work with Snow Leopard and prior versions.Oh wrote that it is likely attackers have knowledge about computers they are attacking ,such as victim's operating system version and patch levels.
The malware delivered by the exploit is written specifically for OS X and is basically a 'backdoor',or a tool that allows for remote control of a computer.
Microsoft advised those who use Microsoft Word 2004 or 2008 for Mac or the Open XML File Format Converter for Mac to ensure those products have applied the patch.
"In conclusion we can see that Mac OS is not safe from malware'',Oh wrote.''Statistically speaking,as this Operating System gains in consumer usage,attacks on the platform will increase''.
Send news tips and comments to jeremy_kirk@idg.com
0 comments:
Post a Comment