Attack code that exploits a flaw in Apple's Mac OS X appeared last week, just one day after Apple released an update to fix its operating systems.
Symantec has warned about the new vulnerability in Apple iTunes software, which could allow attackers to "execute arbitrary code with elevated privileges." In other words, it may allow hackers control of the user's PC or Mac.
The "OSX.Exploit.Launchd" trojan horse is said to provide root access on the Mac OSX version 10.4.6 or earlier. However, Symantec's threat assessment list cited it to have an 'easy' threat containment and removal.
The company's security response website has a list of recommendations, some of which include basic tips like:
- Remove services that are not necessary. For example, the FTP, Telnet and auxiliary services that many operating systems tend to install.
- Configure email servers to block or remove email file attachments such as .vbs, .bat, .exe, .pif and .scr
- nforce a password policy.
Danish security firm Secunia, which labelled the vulnerability as 'moderately critical', said it had not really looked into the OSX.Exploit.Launchd.
However, senior security specialist Carsten H. Eiram confirmed via email that: "it reportedly exploits the recently published launchd format string vulnerability discovered by Kevin Finisterre."
"This vulnerability was fixed by Apple in Mac OS X Update 10.4.7," concluded Eiram.
"Attackers may exploit this issue to execute arbitrary code with elevated privileges," Symantec said in a security alert updated last Thursday.