VirusBarrierdeveloper Intego has send off out a security memo for what it terms a “ low risk ” exploit to Mac OS X need Bluetooth . The effort , called Inqtana.d , is a substantiation - of - concept that has n’t been fancy “ in the wild ” — in other parole , it ’s not known to have actually impress any exploiter .
The previous permutation of a malware threat that first came to wanton earlier this year , Inqtana.d depends on security trap in Macs prevail Mac OS X v10.3 and 10.4 that have n’t been update with all uncommitted security update or system updates , according to Intego .
Inqtana.d is installed on a Mac via Bluetooth from a computer or PDA running Linux , Intego claims . The attacking computing machine needs to be within Bluetooth compass — about 30 feet or so . Inqtana.d exploits an “ rfcomm ” security jam in Bluetooth software package . But unlike previous implementations of Inqtana , it does n’t require any user synergistic — a user account address “ bluetooth ” is created , which grants root entree that can then be exploited for malicious use ( once the computer is restarted , in the case of Mac OS X v10.4 “ Tiger ” ) .
Intego also said that the Inqtana.d malware install additional software , and the user account include a “ back entrance ” which permit users lumber in through that business relationship using Ethernet or AirPort .
“ Users with updated Mac OS XTC systems will already have instal a security update that protects against this vulnerability , ” take down Intego .
Apple has already posteda security measures updatefor Mac OS X v10.3 andMac OS X v10.4.7 , both of which close this particular exploit — but if you have n’t updated your Mac with those , it stay at jeopardy .
“ If , however , users ’ computers have been compromised before applying the updates mentioned above , the damage will be done , and the backdoor will stay installed . The only way to ensure that this back entrance is removed is to go Intego VirusBarrier X4 , ” allege Intego .
