The "Month of Kernel Bugs" project has found two unpatched security vulnerabilities in the way Mac OS X handles .dmg files.
The first vulnerability, rated "highly critical" by security-firm Secunia, can lead to privilege escalation, denial of service, and system access by a remote user (if Safari's open "safe" files option is checked).
The second issue is similar in nature, in that a corrupted UDTO HFS+ .dmg (ex. bad sectors) can lead to a denial of service condition.
A workaround for both issues is to disable Safari's option to open "safe" files after downloading, and to not open any .dmg file from a source you do not trust.
The latest findings increase the total to four security bugs found in Apple's software since the beginning of the project this month (See also: Airport Driver Exploit , fpathconf() Exploit ). The project has also targeted Windows, Linux, and other popular BSD distributions, with a stated goal to "check how many unreported and unknown issues can be found in kernel code out there, using simple, yet effective tools deploying techniques such as fuzzing and 'stress testing'."
While the iPhone 18 Pro and iPhone 18 Pro Max are not expected to launch for more than five more months, there are already plenty of rumors about the devices.
It was initially reported that the iPhone 18 Pro models would have fully under-screen Face ID, with only a front camera visible in the top-left corner of the screen. However, the latest rumors indicate that only one Face ID component...
We're long overdue for an Apple TV update, and there have been rumors about an imminent refresh since late last year. It's now sounding like we're not going to get a new version for several months because of Siri delays. If you're holding out for a new model, here's a recap on what to expect when it eventually comes out so you can decide whether to continue to wait, or buy now.
Design
Apple ...
Apple's CarPlay system for accessing iPhone apps on a vehicle's dashboard screen received three popular apps this week: ChatGPT, Google Meet, and Audiomack.
CarPlay Ultra in an Aston Martin
In addition, WhatsApp is beta testing a revamped CarPlay app that will improve upon the basic Siri-based functionality that was previously available.
Make sure you have the latest version of each app...
While the iPhone 18 Pro and iPhone 18 Pro Max are not expected to launch for more than five more months, there are already plenty of rumors about the devices.
It was initially reported that the iPhone 18 Pro models would have fully under-screen Face ID, with only a front camera visible in the top-left corner of the screen. However, the latest rumors indicate that only one Face ID component...
We're long overdue for an Apple TV update, and there have been rumors about an imminent refresh since late last year. It's now sounding like we're not going to get a new version for several months because of Siri delays. If you're holding out for a new model, here's a recap on what to expect when it eventually comes out so you can decide whether to continue to wait, or buy now.
Design
Apple ...
Apple's CarPlay system for accessing iPhone apps on a vehicle's dashboard screen received three popular apps this week: ChatGPT, Google Meet, and Audiomack.
CarPlay Ultra in an Aston Martin
In addition, WhatsApp is beta testing a revamped CarPlay app that will improve upon the basic Siri-based functionality that was previously available.
Make sure you have the latest version of each app...
