The "Month of Kernel Bugs" project has found two unpatched security vulnerabilities in the way Mac OS X handles .dmg files.
The first vulnerability, rated "highly critical" by security-firm Secunia, can lead to privilege escalation, denial of service, and system access by a remote user (if Safari's open "safe" files option is checked).
The second issue is similar in nature, in that a corrupted UDTO HFS+ .dmg (ex. bad sectors) can lead to a denial of service condition.
A workaround for both issues is to disable Safari's option to open "safe" files after downloading, and to not open any .dmg file from a source you do not trust.
The latest findings increase the total to four security bugs found in Apple's software since the beginning of the project this month (See also: Airport Driver Exploit , fpathconf() Exploit ). The project has also targeted Windows, Linux, and other popular BSD distributions, with a stated goal to "check how many unreported and unknown issues can be found in kernel code out there, using simple, yet effective tools deploying techniques such as fuzzing and 'stress testing'."
We're only four months out from the launch of Apple's premium next-generation smartphone lineup, and while we're not expecting a sea change in terms of functionality, there are still several enhancements rumored to be coming to the iPhone 18 Pro and iPhone 18 Pro Max.
One thing worth noting is that Apple is reportedly planning a major change to its iPhone release cycle this year, adopting a...
Apple released iOS 26.5 after a few months of beta testing, and while it doesn't have the Siri features we were hoping for since those are being held until iOS 27, there are a handful of useful changes worth knowing about.
Subscribe to the MacRumors YouTube channel for more videos.
End-to-End Encryption for RCS
Support for end-to-end encryption (E2EE) for RCS messages between iPhone and...
Social network Reddit recently began blocking mobile visitors to its website while pushing them to download the official Reddit app, and it's fair to say that the move is not going down well with users.
If you visit reddit.com on your iPhone today, you may see a new popup that can't be dismissed, asking you to "get the app to keep using Reddit."
A Reddit spokesperson told Ars Technica...
