McAfee, Inc. Provides Protection Against New Mac Os X Exploits and Viruses

McAfee, Inc. (NYSE: MFE), the leading dedicated security technology company, today announced that it provides protection from attacks targeting the newly discovered Apple Mac OS X Command Execution Vulnerability and the recent worms targeting the Mac OS X platform, including OSX/Inqtana.a and OSX/Leap. While McAfee® AVERT® Labs, the world-class research division of McAfee, Inc., has traditionally viewed Mac threats as a non-issue and rates the worms Low-Profile at this time, it does believe these threats demonstrate a renewed interest by the malware authoring community in the Mac OS platform.

The Apple Mac OS X Command Execution Vulnerability, which was discovered February 21 by Michael Lehn, is a critical vulnerability that exists when accessing specially crafted files. Both proof of concept exploits and malicious exploit code are public, and a patch is not yet available. Apple Mail and Safari have been identified as attack vectors for this vulnerability.

"Given recent activity, McAfee AVERT Labs forecasts that attackers may attempt to test the viability of exploiting this vulnerability en masse, by producing a reconnaissance Trojan to identify a vulnerable user base," said Craig Schmugar, virus research manager, McAfee AVERT Labs. "Exploit source code with a payload has been published. Now, the message is 'welcome to zero-day vulnerability land for many Mac OS X users' Only, Mac OS X users are less prepared, less aware and mitigation tools are less evolved."

OSX/Inqtana.a, which was discovered February 18, is a proof of concept worm that exploits an Apple Mac OS X Directory traversal vulnerability in the Bluetooth file and object exchange services (CVE-2005-1333). This worm spreads over the Bluetooth OBEX Push service, which typically requests the user to accept a file transfer over Bluetooth. It also exploits a directory traversal vulnerability in Mac OS X to install and auto-start the worm on the infected machine. Users are advised not to accept requests from unknown devices.

OSX/Leap, which was discovered February 16, is an instant messaging worm propagating via iChat on PowerPC-based machines running Mac OS X. The worm sends itself to people on the user's buddy list in the form of a .tgz archive and attempts to masquerade as a jpeg image file to trick the user into executing it. OSX/Leap requires user interaction in order to infect a machine.

About The Author:

Craig Schmugar is a successful author and regular contributor to http://www.help-desk-software-n-application.com. The latest information for computer help desk software, IT help desk software, software programs and help desk support software.