Symantec the Virus Slayer reported sighting a Trojan horse that exploits the Apple Mac OS X LaunchD Local Format String Vulnerability. It provides root access on the Macintosh OSX version 10.4.6 or earlier.

When OSX.Exploit.Launchd is executed, the malicious bug performs the following actions:

1. Exploits the Apple Mac OS X LaunchD Local Format String Vulnerability which may elevate the privileges of a remote attacker's local account on an Apple Mac OS X computer.
2. Uses a crafted .plist configuration file for LaunchD service. In order to exploit LaunchD the attacker must execute the command: launchctl load [MALICIOUS FILE NAME]
3. Runs inside the process of LaunchD which runs with root privileges.
4. Opens a shell with full root privileges which is controllable by the attacker.

However the company also said the Apple Trojan as a minor threat as it has not spread widely and easily removed. To help minimize attacks Symantec gave the following recommendations:

• Always keep virus protection program up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services (for example, all Windows-based computers should have the current Service Pack installed.).
• Enforce password policy to prevent or limit damage when a computer is compromised.
• Configure email server to block or remove email that contains file attachments that are commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files.
• Isolate infected computers quickly.
• Train employees not to open attachments unless they are expecting them.

If your Mac is already infected, you may download the removal tools from Symnatec.

Rumors galore! Even if the Mac Leopard would have a late 2006 or early 2007 release date, the backfence talks have not stopped. If rumors are to be believed, iChat 4.0 (to be included with the Leopard) will include the capability to call traditional phone lines, which is like existing VoIP big shot Skype and betas from Microsoft and Google.

Apparently, the site who featured this reiterated the rumor recently since their "sources" had gave them an in-depth preview of the Leopard. With regards to the iChat 4.0, if it's able to call a landline or a cell phone, then that's awesome, but if it could only make PC-to-PC calls, then they don't have nothing new to offer to the table because people had been doing that for a long time already.

Aside from the iChat gossip, there is also the rumor about more transparency, dashboard speed improvements, remote control access, tabbed iChat and whiteboarding among many others.

Well, maybe these rumors could be trashed or verified when it will be previewed in the upcoming Worldwide Developers Conference this coming August 7-11, 2006. Until nothing concrete and official is presented or written, then these will remain rumors.

Everytime that you connect to a remote computer with your Mac OS X, you are given the option of being a registered user or a guest. Fortunately or unfortunately, anyone in your network will have access to your computer via guest access.

Even if this only gives the user access to the drop box, they will still have the ability to place files inside your computer without any consent from you. Anyone, reading this and nodding their heads saying it sounds familiar, then just follow these guide from Rhett Frei, on how to disable the guest account in Mac OS X.

Step 1: Look for com.apple.AppleFileServer.plist under /Library/Preferences. After you've already located it, hold down option and drag the file to your desktop. Then, you'd have to move it again to another folder, say Documents. This will serve as your backup.

Step 2: If you have a .plist editor at your disposal, double click on com.apple.AppleFileServer.plist to open the file. If not you can download  PlistEdit Pro located below this article.

Step 3: Turn down the arrow  Root in the Property List column and when you find guestAccess, change its value from yes to no.

Step 4: Save (cmd-S) your work on the file and Quit (cmd-Q)

Step 5: Hold down Option and drag com.apple.AppleFileServer.plist from the Desktop back into /Library/Preferences. Once you've done that you can now dispose of copies that are on your desktop and in the Documents folder.

Download: [PlistEdit Pro]