The federal US computer security watchdog has issued a warning about a bug in Apple's OS X operating system. The US Computer Emergency Readiness Team (US Cert) issued the alert after security researchers produced code that could exploit the DMG bug. The flaw involves the way OS X handles disk images and could be used to crash or take over a vulnerable machine. So far the DMG bug has only been shown to work under laboratory conditions and has not been seen in the wild. The DMG bug came to light during a month-long project run by the Info-Pull research group that aimed to find one "kernel" bug a day. The kernel is the heart of an operating system. The warning from US Cert urged said the memory corruption caused by the bug could make a computer unstable or allow an attacker to hijack it. It urged users to avoid downloading DMG files, which bear a .dmg suffix, from unknown sources.
The bug even affects machines that are patched with the latest fixes. Apple has yet to provide a fix for the DMG bug though a workaround is known which should stop computers falling victim. The bug has only been proved to work under laboratory conditions. No cases of it being exploited in the wild are known and no users are thought to be at risk. The availability of the exploit code might tempt some malicious hackers to craft webpages that take advantage of it. Users of Apple Mac computers are far less likely to suffer security problems because the vast majority of viruses are written to exploit Microsoft's Windows operating system. There are also differences in the way that OS X works which help to prevent malicious code taking hold. The increasing popularity of Mac computers has led to increasing scrutiny of Apple's operating system and security researchers are unearthing many flaws and potential exploits.
BBC NEWS | Technology | Official warning on Mac code bug