From Pine View Farm

Mac Attack 0

Apple just works. Until it doesn’t:

A serious “drive-by” Java security exploit has been found in the wild which targets Mac OSX users. Exploiting a logical flaw in the way the Java Runtime Environment handles arrays, a malicious web page bypasses the sandbox and injects executable code into existing Mac OSX programs without triggering a prompt for an administrator password. This is a nasty exploit, which unfortunately is already in the wild.

This led to a large-scale spam outbreak, which used pirated logins and passwords to flood the innerwebs with spam yesterday. It was aided and abetted by the complacency of iStuff users who believe that Apple “just works” and therefore do not take the simplest precautions to keep their software updated and to practice safe HEX.

If you believe the hype, the hype will get you. Every time.


Comments are closed.