Dangerous Zero-day Mac Exploit Released
Yes folks, the MoAB (Month of Apple Bugs) has officially begun today. The first vulnerability to be disclosed to the public is an extremely dangerous one that uses QuickTime to execute a malicious payload that could wreck your system quite easily. Here are the details:
This is the first of many Apple vulnerabilities that will be exposed this month. This exploit is EXTREMELY dangerous because it can be remotely triggered with a malicious email attachment or a specially crafted webpage that will automatically trigger the QuickTime "movie" which is actually not a movie but a malicious payload. The exploit is in weaponized Metasploit form and there are no patches available. Disabling QuickTime playback in the web browser of choice might be the only temporary work-around at this time. Mac users should also avoid opening QuickTime files they receive in email unless they're sure the file is from someone they trust and it's intended for them.
For those of you who are running Intel-based Macs and who wish to verify if they are vulnerable to this particular exploit or not, here is a test link that will let you know all about it.