[X-Newbies] MAC VIRUS

[Norman Cohen]

And now MacWorld has weighed in:

<http://www.macworld.com/news/2006/02/21/safari/index.php?lsrc=mwrss>

I'd suggest also checking out the web safety suggestions at Apple's  
site referenced in the MacWorld article:

<http://docs.info.apple.com/article.html?artnum=108009>

Norm
---
Norman A. Cohen
nacohen at mac.com

"The enemy is anybody who's going to get you killed, no matter which  
side he's on."
Joseph Heller







On Feb 21, 2006, at 13:12 PM, Norman Cohen wrote:

> And on that note, there does appear to be a new security threat  
> associated with Safari, where downloading a "safe" file that  
> actually hides a certain type of shell script can lead to the shell  
> script automatically running. A malicious shell script could do all  
> sorts of bad things, like, say, erasing your whole user directory.  
> I'd say that this is probably a fair bit worse than the Oompa  
> Loompa worm. I would expect Apple to address this fairly quickly,  
> but in the meantime would suggest that everyone turn off "Open  
> "safe" files after downloading" option in the General Pane of  
> Safari preferences. Then check the file information for the  
> downloaded file before opening it. In the case of a sample exploit,  
> the filename indicates that the file is a picture; however, under  
> file preview in Column View in the Finder, the file is described as  
> a Unix Executable File. This exploit can also occur with Mail.app,  
> but there is not an easy fix for that at this point.
>
> <http://www.heise.de/english/newsticker/news/69862> for more  
> information.