MacOS is kind of a hodgepodge of systems when it comes to determining a file type and how a given application should attempt to parse the content. As SecureMac’s lead developer Nicholas Ptacek remarked to the journalist who wrote up CVE-2019-8761 for Vice: That may seem like a surprisingly basic vulnerability for Apple to have overlooked, but for those familiar with the inner workings of macOS, it’s not really all that shocking.
HOW TO USE TEXTEDIT ON MAC CODE
If a user opened the file, then TextEdit would execute the malicious code as HTML. txt extension! This could allow an attacker to craft a malicious TXT file by including a declaration and some HTML code in the file. The ability to inject HTML into a TXT file obviously lots of potential attack vectors.Īfter some testing, Yibelo found that if you create a TXT file that includes a declaration at the beginning, TextEdit will treat the file as HTML - despite the. TextEdit can be tricked into thinking the file opened is an RTF-HTML file even when the file extension is TXT. And this is where the vulnerability arises, because, as the researcher discovered: To parse this kind of information, he reports, TextEdit “uses RTF format instead of TXT”. However, Yibelo noticed that TextEdit also allows users to add basic text formatting (things like font color, bold or italic text, etc). Because these files only contain text, most firewall apps - and Gatekeeper itself - treat TXT files as harmless. TextEdit, the Mac’s built-in text editing app, is the default app used for handling TXT files (i.e. For this reason, Yibelo’s research is definitely still worth talking about! How does CVE-2019-8761 work? files that aren’t apps) can also cause serious security risks. Nevertheless, many Mac users are unaware that non-executable file types (i.e. So unless you’re running a version of macOS Catalina that hasn’t been updated in a very long time, you don’t have to worry about any direct threat from CVE-2019-8761. The research discussed in this article refers to a 2019 vulnerability that Apple has already patched.
HOW TO USE TEXTEDIT ON MAC FOR MAC
In this short article, we’ll discuss Yibelo’s research and say what it all means for Mac security. The bug could have allowed bad actors to craft malicious TXT files - files that, if opened, could have been used to execute HTML, leak user data, and more. This month, a security researcher named Paulos Yibelo published his write-up of CVE-2019-8761, a macOS TextEdit flaw that he discovered. TextEdit flaw could have let hackers create malicious TXT files
0 kommentar(er)
