XPost: comp.misc
From the «so easy it Just Works» department:
Title: New Attack Bypasses Mac OS X Gatekeeper
Author:
help@slashdot.org
Date: Wed, 30 Sep 2015 11:31:00 -0400
Link:
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/wbIA6Jw98wQ/new-attack-bypasses-mac-os-x-gatekeeper
msm1267 writes: Mac OS X's Gatekeeper security service is supposed to protect Apple computers from executing code that's not signed by Apple or downloaded from its App Store. A researcher, however, has built an exploit that uses a signed binary to execute malicious code. Patrick Wardle, a longtime Apple hacker, said Gatekeeper performs only an initial check on an application to determine whether it came from an untrusted source and should not be executed. Using a signed binary that passes the initial check and then loads a malicious library or app from the same or relative directory, however, will get an advanced attacker onto an OS X machine. Wardle disclosed his research and proof of concept to Apple, which said it is working on a patch, and may push out a short-term mitigation in the meantime.
[image 2][1][image 4][3][image 6][5]
Read more of this story[7] at Slashdot.
[image 8]
Links:
[1]:
http://twitter.com/home?status=New+Attack+Bypasses+Mac+OS+X+Gatekeeper%3A+http%3A%2F%2Fbit.ly%2F1WxMYGk (link)
[2]:
http://a.fsdn.com/sd/twitter_icon_large.png (image)
[3]:
http://www.facebook.com/sharer.php?u=http%3A%2F%2Fapple.slashdot.org%2Fstory%2F15%2F09%2F30%2F1322210%2Fnew-attack-bypasses-mac-os-x-gatekeeper%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook (link)
[4]:
http://a.fsdn.com/sd/facebook_icon_large.png (image)
[5]:
http://plus.google.com/share?url=http://apple.slashdot.org/story/15/09/30/1322210/new-attack-bypasses-mac-os-x-gatekeeper?utm_source=slashdot&utm_medium=googleplus (link)
[6]:
http://www.gstatic.com/images/icons/gplus-16.png (image)
[7]:
http://apple.slashdot.org/story/15/09/30/1322210/new-attack-bypasses-mac-os-x-gatekeeper?utm_source=rss1.0moreanon&utm_medium=feed (link)
[8]:
http://feeds.feedburner.com/~r/Slashdot/slashdot/~4/wbIA6Jw98wQ (image)
--
Posting to comp.misc, sci.misc, and misc.news.internet.discuss
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)