The "Month of Kernel Bugs" project has found two unpatched security vulnerabilities in the way Mac OS X handles .dmg files.
The first vulnerability, rated "highly critical" by security-firm Secunia, can lead to privilege escalation, denial of service, and system access by a remote user (if Safari's open "safe" files option is checked).
The second issue is similar in nature, in that a corrupted UDTO HFS+ .dmg (ex. bad sectors) can lead to a denial of service condition.
A workaround for both issues is to disable Safari's option to open "safe" files after downloading, and to not open any .dmg file from a source you do not trust.
The latest findings increase the total to four security bugs found in Apple's software since the beginning of the project this month (See also: Airport Driver Exploit , fpathconf() Exploit ). The project has also targeted Windows, Linux, and other popular BSD distributions, with a stated goal to "check how many unreported and unknown issues can be found in kernel code out there, using simple, yet effective tools deploying techniques such as fuzzing and 'stress testing'."
Apple's Worldwide Developers Conference (WWDC) starts today with the traditional keynote kicking things off at 10:00 a.m. Pacific Time. MacRumors is on hand for the event and we'll be sharing details and our thoughts throughout the day.
We're expecting to see a number of software-related announcements today, headlined by a reset on Apple's push into AI that should see a significant overhaul...
Apple today announced that macOS 27 is named macOS Golden Gate.
Much like Mac OS X Snow Leopard in 2009, Apple said it focused on improving macOS's performance and dozens of underlying technologies this year.
Apple says macOS Golden Gate offers quicker AirDrop transfers, faster network file browsing, improved syncing in the Messages app, better Spotlight search suggestions, and other...
Back at WWDC 2025, Apple revealed that it was planning to allow CarPlay users to watch video via AirPlay in their vehicles while they are not driving, but we did not hear many specific details about this functionality until now.
In a WWDC 2026 video aimed at developers, Apple said the CarPlay video feature is available in new vehicles that support it. When playing a video in an iPhone app...
