iAdware: proof-of-concept adware program
You are here:  SillyDog701 > Message Centre > Mac OS and Apple > [sdt=12438]
SillyDog701 Forums
Author Message
Antony
Site Admin


Joined: 18 Jun 2002
Posts: 11914
26 Nov, 2006 6:55 am iAdware: proof-of-concept adware program [sdp=79772]  
F-Secure noted a proof-of-concept sample of an adware program what can be silently installed to Mac user account. The only clue F-Secure provided is:
"it's a feature not a bug, but let's just say that installing a System Library shouldn't be allowed without prompting the user."

UserAgent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0
MozInfo701 | MacCentre701 | AntBlog701 | don't steal music.
Back to top profile website
J-M
diamond member

Juha-Matti Laurio
Joined: 25 Jul 2004
Posts: 734
Location: Helsinki, Finland
28 Nov, 2006 10:24 am [sdp=79840]  
But more information is in this malware document of McAfee:
http://vil.nai.com/vil/content/v_140972.htm

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.0; fi; rv:1.8.0.8) Gecko/20061025 Firefox/1.5.0.8
Back to top profile website
Antony
Site Admin


Joined: 18 Jun 2002
Posts: 11914
28 Nov, 2006 9:54 pm [sdp=79850]  
Apple has address this issue with Security Update 2006-007.

Quote:
Installer

CVE-ID: CVE-2006-4404

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.8, Mac OS X Server v10.4.8

Impact: When installing software as an Admin user, system privileges may be used without explicit authorization

Description: Admin users are normally required to authenticate before executing commands with system privileges. However, the Installer allows system privileges to be used by Admin users when installing certain packages without requiring authentication. This update addresses the issue by requiring authentication before installing software with system privileges.


Well done!

UserAgent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en) AppleWebKit/418.9 (KHTML, like Gecko) Safari/419.3
MozInfo701 | MacCentre701 | AntBlog701 | don't steal music.
Back to top profile website
J-M
diamond member

Juha-Matti Laurio
Joined: 25 Jul 2004
Posts: 734
Location: Helsinki, Finland
29 Nov, 2006 2:33 am [sdp=79862]  
Thanks for the information. It was a quick process.

Are you sure that this is a patch against iAdware too (I'm asking because Apple doesn't list any related reference URLs).

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.0; fi; rv:1.8.0.8) Gecko/20061025 Firefox/1.5.0.8
Back to top profile website
Antony
Site Admin


Joined: 18 Jun 2002
Posts: 11914
29 Nov, 2006 4:28 am [sdp=79864]  
J-M wrote:
Are you sure that this is a patch against iAdware too (I'm asking because Apple doesn't list any related reference URLs).
Not 100% sure, but the description seems to match the "iAdware".

UserAgent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0
MozInfo701 | MacCentre701 | AntBlog701 | don't steal music.
Back to top profile website
J-M
diamond member

Juha-Matti Laurio
Joined: 25 Jul 2004
Posts: 734
Location: Helsinki, Finland
11 Dec, 2006 9:04 am [sdp=80359]  
Unfortunately, the latest information says it was not fixed.

Some references included to this SecuriTeam Blogs blog entry:
http://blogs.securiteam.com/index.php/archives/753

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.0; fi; rv:1.8.0.8) Gecko/20061025 Firefox/1.5.0.8
Back to top profile website
Display posts from previous:   
Reply to topic    Forum Index > Mac OS and Apple All times are CST (GMT -6)
page 1 of 1
To add your questions, comments, and for more features and more, please join SillyDog701 Message Centre. It's free! This is SillyDog 701 Message Centre (SD701 Forums).
Sportster parts - shop online for harley davidson parts & accessories at 20% discount.
Buy Text Links - buy and/or sell text link ads.

David Crowder Band You can support SillyDog701 when you buy your favourite music, TV shows, movies from iTunes Store. You can even rent movies from iTunes Store.
Need online space for sharing and syncing? .Mac now to up 10GB storage.

*Search | FAQ | Rules and Policies | MozInfo701 - Mozilla Information Centre | SD701 Open Directory | Message Board Map | download Netscape