[Micronet] MAC vulnerability

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[Micronet] MAC vulnerability

Philip Weekly

Hello Micronet,

 

Yet another MAC vulnerability announced.

 

http://www.theregister.co.uk/2015/06/17/apple_hosed_boffins_drop_0day_mac_ios_research_blitzkrieg/

 

From what I gather Apple was made aware of the flaw back in October 2014 and 88% of the 1,612 apps stored in the App Store are vulnerable. 

 

To fix this Apple needs to redesign the way the Operating System separates apps.  This would also require all independent Apple developers to establish new security measures and update every app.

 

Best,

 

Philip

 

 

Philip Weekly

Director, Information Systems

 

School of Optometry

University of California

510-642-2230

http://cal-eye-care.org/

 

This email and any files transmitted with it are confidential. If you have received this email in error please notify the sender and then delete it immediately.

Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of The School of Optometry or The University of California.

 


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] MAC vulnerability

Graham Patterson

For a slightly less adrenaline-filled description, see
https://isc.sans.edu/forums/diary/OS+X+and+iOS+Unauthorized+Cross+Application+Resource+Access+XARA/19815/


Graham

On 6/19/15 9:40 AM, Philip wrote:

> Hello Micronet,
>
>  
>
> Yet another MAC vulnerability announced.
>
>  
>
> http://www.theregister.co.uk/2015/06/17/apple_hosed_boffins_drop_0day_mac_ios_research_blitzkrieg/
>
>  
>
> From what I gather Apple was made aware of the flaw back in October 2014
> and 88% of the 1,612 apps stored in the App Store are vulnerable.
>
>  
>
> To fix this Apple needs to redesign the way the Operating System
> separates apps.  This would also require all independent Apple
> developers to establish new security measures and update every app.
>
>  
>
> Best,
>
>  
>
> Philip
>
>  
>
>  
>
> Philip Weekly
>
> Director, Information Systems
>
>  
>
> School of Optometry
>
> University of California
>
> 510-642-2230
>
> http://cal-eye-care.org/
>
>  
>
> This email and any files transmitted with it are confidential. If you
> have received this email in error please notify the sender and then
> delete it immediately.
>
> Please note that any views or opinions presented in this email are
> solely those of the author and do not necessarily represent those of The
> School of Optometry or The University of California.
>
>  
>
>
>
>  
> -------------------------------------------------------------------------
> The following was automatically added to this message by the list server:
>
> To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
>
> http://micronet.berkeley.edu
>
> Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
>
> ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.
>


--
Graham Patterson, Systems Administrator
Lawrence Hall of Science, UC Berkeley   510-643-1984
"...past the iguana, the tyrannosaurus, the mastodon, the mathematical
puzzles, and the meteorite..." - used to be the directions to my office.

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.