August 19, 2022
Charlie Miller to Disclose How He Found 20 Zero Day Holes in Mac OS X

Charlie Miller to Disclose How He Found 20 Zero Day Holes in Mac OS X

Posted March 19, 2010 at 12:59pm by iClarified · 3719 views
Security expert Charlie Miller is planning to disclose how he found 20 zero day security holes in Mac OS X at the CanSecWest security conference next week, according to H-Online.

The zero-day holes are present in closed source Apple products, said Miller. "OS X has a large attack surface consisting of open source components (i.e. webkit, libz, etc), closed source 3rd party components (Flash), and closed source Apple components (Preview, mdnsresponder, etc). Bugs in any of these types of components can lead to remote compromise"

Miller discovered the vulnerabilities by fuzzing, a process which bombards application input channels with as much corrupted data as possible. His presentation subtitled, "An analysis of fuzzing 4 products with 5 lines of Python" will discuss "what you really find when you fuzz and it tries to draw conclusions about what to expect in the future when you fuzz a mature product."

Miller says Apple users are currently "safer, but less secure."

"Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town."

Read More [via Jacqui]


Charlie Miller to Disclose How He Found 20 Zero Day Holes in Mac OS X
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
You must login or register to add a comment...
HO
HO - March 19, 2010 at 4:58pm
...What????....isn't supposed to be the other way around and Windows is an open cage in a bank?....so when are the virus coming to Mac, or is it that they are already flowing but cause of no antivir Mac users are clueless about it?
Recent. Read the latest Apple News.
RECENT
Tutorials. Help is here.
TUTORIALS
Deals. Save on Apple devices and accessories.
DEALS