Apple Took 3+ Years to Fix FinFisher Trojan Hole
Results 1 to 3 of 3

Thread: Apple Took 3+ Years to Fix FinFisher Trojan Hole

  1. #1
    Registered User slgrieb's Avatar
    Join Date
    Feb 2003
    Posts
    4,103

    Apple Took 3+ Years to Fix FinFisher Trojan Hole

    Yet another fine report from krebsonsecurity.com

    "The Wall Street Journal this week ran an excellent series on government surveillance tools in the digital age. One story looked at FinFisher, a remote spying Trojan that was marketed to the governments of Egypt, Germany and other nations to permit surreptitious PC and mobile phone surveillance by law enforcement officials. The piece noted that FinFisher’s creators advertised the ability to deploy the Trojan disguised as an update for Apple’s iTunes media player, and that Apple last month fixed the vulnerability that the Trojan leveraged.

    But the WSJ series and other media coverage of the story have overlooked one small but crucial detail: A prominent security researcher warned Apple about this dangerous vulnerability in mid-2008, yet the company waited more than 1,200 days to fix the flaw."


    Full story here. The exploit used a vulnerability in iTunes that permitted authors to use the update service to introduce malware to the system as though it were signed Apple code.

    Definitely take the time to follow the WSJ link for more info on government surveillance. However, as it might make you queasy, you might wait until tomorrow.

  2. #2
    Registered User Ferrit's Avatar
    Join Date
    Apr 2001
    Location
    Vancouver Island The Real Canada
    Posts
    4,952
    That's their MO as it were never give a security report detailling a vulnerability the time of day. Then shortly afterwards lie and say you have a fix in the form of an update.
    Sounds like what they just did with the spyware issue
    Gigabyte 990FXA-UD3
    AMD FX 8350 4ghz OCTO-Core
    Windows 8.1 PRO 64
    Adata 256 gig SSD
    Kingston HyperX 1600 16 Gigs
    Sapphire R9 280 2gig
    Enermax Liberty Modular 620
    www.northernaurora.net
    http://www.northernaurora.net/page/chat.html

  3. #3
    Registered User cookin chef's Avatar
    Join Date
    Jul 1999
    Location
    Saskatoon, SK.
    Posts
    1,159
    Doesn't surprise me. There are still some hardcore apple fans who still believe Apple products can never have viruses/malware/etc.

Similar Threads

  1. IBM Courting Apple?
    By Stalemate in forum Tech News
    Replies: 0
    Last Post: December 14th, 2004, 12:04 PM
  2. [RESOLVED] W2K SP2??
    By Bjorn in forum Windows NT/2000
    Replies: 3
    Last Post: February 17th, 2001, 12:58 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •