Apple’s iOS5 and the iCloud: Great Ideas, Huge Security Impact

Wondering how Apple’s iOS5 and the iCloud will affect your life? Check our recent slide deck that tackles some potential challenges as Apple gets ready to roll out their newest creation. In this deck, you’ll learn:

  • What is key
  • iOS5 ¬†idealism and reality
  • The good news and bad news
  • What do do and not do

As always, we’re here for discussion. Follow Brent Huston on Twitter to engage even more!

OS X Privilege Escalation

Apple Mac OS X 10.5 and 10.4 ARDagent (Apple Remote Desktop) contains a vulnerability that allows local users to gain root privileges through an AppleScript command. This issue was first presented last month, but now there are indications that this vulnerability is being actively exploited to install malicious software on target systems. Because this vulnerability is so easy to exploit, and allows root access, there is a potential for a lot of bad things to land on the system, such as rootkits.

At this time there has been no patch provided by Apple. Users are cautioned to only run trusted AppleScripts, and only install trusted applications.

OS X Trojan

A new OS X Trojan has been spotted in the wild. The Trojan has been given the identifier “TheOSX/Hovdy-A”, and can perform somewhat advanced attacks against an infected machine. The Trojan takes advantage of a recent escalation exploit within applescript to gain root access to the machine. Once root, the Trojan can manipulate the firewall, steal passwords, and disable security settings. As OS X becomes more popular, we can expect to see more malicious software aimed it. Don’t assume that you’re safe just because you’re on a Mac, follow all of the precautions that your would with any other OS and practice safe surfing!

OS X Update

Apple has released an update to OS X 10.5. The update addresses a broad spectrum of issues which could allow for a range of compromises ranging from Denial of Service to illicit remote access to the execution of arbitrary code. Some of the specifically identified vulnerabilities include problems with URL handling in Mail and the Safari browser, a buffer overflow in Samba and unspecified problems in NFS. For full details please see Apple’s original advisory at:http://docs.info.apple.com/article.html?artnum=307430

QuickTime 7.4 is available

The hits just keep coming! Apple has released another version of Quicktime this time around multiple vulnerabilities that may allow arbitrary code execution have been addressed. These include:

    An unspecified handling error in the processing of Sorenson 3 video files.

    An error in the processing of embedded Macintosh Resource records within QuickTime movies.

    Parsing errors of malformed Image Descriptor (IDSC) atoms.

    A boundary error in the processing of compressed PICT images.

We recommend that everyone upgrade to QuickTime 7.4
See Apple’s full advisory at:
http://docs.info.apple.com/article.html?artnum=307301

QuickTime 7.3.1 is available

Apple has released QuickTime 7.3.1 to address several vulnerabilities. These include the buffer overflow in RTSP, a heap buffer overflow found in QuickTime’s handling of QTL files and vulnerabilities which exist in QuickTime’s Flash media handler. Updates are available for: Mac OS X v10.3.9 or later, Windows Vista, and XP SP2. The relevant CVEs are CVE-2007-6166, CVE-2007-4706 and CVE-2007-4707 respectively.

OpenBSD Ouchie, Apple QuickTime and Solaris 10 Vulns

In a pretty rare occurrence, a remote buffer overflow in OpenBSD has been identified. The vulnerability exists in “dhcpd”, the DHCP daemon, and allows denial of service and arbitrary code execution on 4.0 – 4.2. This issue was originally published in May, but new developments have been made in refining the exploits and in details about the issue. Patches are available, and should be installed as soon as possible.

Apple updated QuickTime to fix several identified issues, including some security problems. The updates are now available, and if you use the Apple update service, you should get them applied automatically. The big problem repaired in this release is a heap overflow that can be used to seize control of machines. We mention this update because QuickTime is one of those pesky applications that seem to turn up everywhere, in many organizations. It would likely be wise to check not only workstations, but also any servers that are used in training, multi-media or presentations. QuickTime seems to be a common tool for these mechanisms.

Lastly, Solaris 10 systems have proven to be vulnerable to a new buffer overflow in the monitoring package “srsexec”. This is installed in many Solaris systems, especially those leveraging the centralized console management and administrative console applications. Attackers with local access to the Solaris system can exploit this issue to execute arbitrary code as “root”, since the binary is suid by default. Patches are already available and should be applied as soon as practical.