Every Mac can be hacked by this new flaw, and there's no fix yet

ziondwilder

"Independent security researcher Park Minchan found that prefacing a link in an inetloc file with "file://" instead of "http://" or "https://" made it possible to run arbitrary code on — i.e. hack — any Mac running fully updated macOS 11.6 Big Sur. (The "file://" prefix specifies a file on the local PC.)"

""These files can be embedded inside emails which, if the user clicks on them, will execute the commands embedded inside them without providing a prompt or warning to the user," said an unsigned posting today (Sept. 21) on the SSD-Disclosure bug-reporting website."

 
This requires the payload to already be on your machine and the attacker to know where it is. If the attacker has already placed an executable on your machine and in a location they have specified, you're already fubar. Don't expect drive-by attacks.

macOS 12 is on the horizon, and this 'flaw' will no doubt be patched. Until then, be smart, and don't click on links from random emails. This goes for Windows users as well (I use all 3 major OSes for what it's worth).

TLDR; It was a slow news day 17 days ago.
 
It's really a non-issue if you just don't click on unknown links from unknown senders. But people inadvertently infect their Macs and PCs daily from clicking on things they shouldn't. That really isn't new information.
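
An added example, not part of any post in this thread and not the researcher's code: a check a mail filter or triage script could run on an inetloc attachment, flagging any link whose scheme is not "http" or "https" (which covers the "file://" case quoted above). It assumes an inetloc file is a property list with the link stored under a `URL` key; the function names and sample files are constructed for illustration.

```python
import plistlib
from urllib.parse import urlsplit

# Schemes an internet-location file is expected to carry.
# Anything else, including "file", is treated as suspicious.
ALLOWED_SCHEMES = {"http", "https"}


def inetloc_url(data: bytes):
    """Return the URL string stored in an inetloc plist, or None."""
    try:
        doc = plistlib.loads(data)
    except Exception:
        return None  # not a parseable property list
    if isinstance(doc, dict) and isinstance(doc.get("URL"), str):
        return doc["URL"]
    return None


def check_inetloc(data: bytes):
    """Classify an inetloc file as ok, suspicious or unparseable."""
    url = inetloc_url(data)
    if url is None:
        return ("unparseable", None)
    # urlsplit lowercases the scheme, so case variants are caught
    # by the allow-list as well.
    scheme = urlsplit(url.strip()).scheme
    if scheme in ALLOWED_SCHEMES:
        return ("ok", scheme)
    return ("suspicious", scheme)


def make_sample(url: str) -> bytes:
    """Build a constructed inetloc-style plist for testing."""
    return plistlib.dumps({"URL": url})


if __name__ == "__main__":
    samples = {
        "web.inetloc": make_sample("https://example.com/"),
        "local.inetloc": make_sample("file:///constructed/placeholder/path"),
        "broken.inetloc": b"not a plist",
    }
    for name, blob in samples.items():
        print(name, check_inetloc(blob))
```

Treating "unparseable" the same as "suspicious" is the safer default for a filter, since a file that cannot be inspected cannot be cleared.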
 