Mac OS X Vulnerability

Over the last 2 weeks there have been some rumblings of Mac OS X vulnerabilities that could put your data at risk. It appears today, that there is a valid problem in existence.

As you may have noticed, if and when you download a .DMG file from a web site, it can mount and install itself after the download completes. Unfortunately, this opens a hole where malicious software could do the same action and alter or delete your data.

There is no complete fix yet available, but I assume Apple will have some sort of fix in place before the end of the week.

In the meantime, you can reduce your exposure in the following ways:

Run Safari

Select Safari Menu, Preferences...

Click on the General Tab

Uncheck the checkbox labeled "Open Safe Files After Downloading"

Close the preferences window

* Additionally, as always, be aware of what you are downloading and where you are downloading from. Be especially careful with files ending in .DMG.

* Backup your data. Even bugs in legitimate software can damage your data, so take this as an opportunity to re-visit your backup procedures to insure that your data is protected.

Here are 2 articles detailing the issues of this vulnerability:

http://www.tidbits.com/macnews.html#07672
http://macintouch.com/#notesandtips

Watch this space for further updates from Apple regarding this problem.