Mac OS X, Windows Security Gaps Found
Mac OS X Panther and Jaguar are found to be vulnerable to the malicious granting of root access, while five holes in Microsoft's Internet Explorer for Windows could compromise a user's system.On Wednesday, William Carrel posted an advisory warning of a malicious DHCP response that can grant root access for Mac OS X. The vulnerability affects the desktop and server versions of Mac OS X 10.2, known as Jaguar, as well as Mac OS X 10.3, known as Panther, he wrote. Carrel noted that Apple Computer Inc. currently has no patch for the hole but may be looking to provide an update in December. Carrel wrote that he had notified Apple of the security issue before Panther and a November security update were released. Apple officials could not be immediately reached for comment.
Separately, Copenhagen, Denmark-based security company Secunia issued a security advisory late Tuesday about five security vulnerabilities in Internet Explorer 6.0 and possibly in earlier versions of the browser as well. Together, they "can be exploited to compromise a users system" the advisory warns.