Guides Vulnerability Strikes OS X 10.4.5

Vulnerability Strikes OS X 10.4.5

Apple Mac OS X users may be at risk from an “extremely critical” vulnerability that remains unpatched. The exploit comes on the heels of the release of OS X 10.4.5 and recent reports that worm writers are targeting Mac users.
No patch as yet released for a highly critical flaw in the latest version of OS X.

Danish security firm Secunia has rated the new flaw “extremely critical.”

The vulnerability is allegedly caused by a flaw in how OS X 10.4.5 handles file association meta data found in ZIP archives. Arbitrary commands could potentially be executed automatically via Apple’s Safari web browser from a malicious site.

As of press time, Apple had not issued a patch or an advisory for the issue on its security update site. Just last week, Apple updated OS X to version 10.4.5.

Though there isn’t a formal patch, there is a simple way to avoid infection. Secunia advises that Mac users disable the “Open safe files after downloading” option in Safari.

Secunia has also posted a link for users to test to see if they are at risk from the vulnerability.

The new security vulnerability comes as OS X is facing its first worms. CME-4, also known as Leap.A, appeared last week, spreading over Apple’s iChat instant messaging system.

Security vendors, including Symantec and Sophos, reported this past weekend the discovery of OSX.Inqtana.A worm, which takes advantage of vulnerabilities in Apple’s Bluetooth implementation.

“Viruses emerging for the Mac OS X platform is headline news for Apple fans, but they are currently posing far from the level of threat that Windows users face every day,” said Graham Cluley, senior technology consultant for Sophos, in a statement.

“No one should panic, but this is an indication that hackers are showing an increased interest in targeting the platform.”

This article was originally published on

Latest Posts

How to Convert a Physical Computer to a Virtual Machine

Many organizations are implementing virtualization technology into their networks to convert physical computers to virtual machines (VM). This helps reduce overall physical hardware costs,...

HPE ProLiant DL380 Gen10: Rack Server Overview and Insight

The HPE ProLiant DL380 series has consistently been a market leader in the server space. The Gen10 released in 2017 further increased HPE's market...

Best Server Management Software & Tools 2021

Finding the best server management software tools for your organization can have a major impact on the success of your business operations. Manually handling...

IBM AS/400: Lasting the Test of Time

Some server operating systems (OS) were built to survive the test of time – the IBM AS/400 is one such system.  The AS/400 (Application System/400)...

What is Disaster Recovery?

The modern organization's heavy dependence on using data to drive their business has made having a Disaster Recovery (DR) plan in place a necessity....

Related Stories