No announcement yet.

Huge security hole in Internet Explorer for MacOS

  • Filter
  • Time
  • Show
Clear All
new posts

  • omega884

    Alright, yeah it does look like a security hole, but it really isn't. What internet explorer does is when it downloads a BinHex document, it simply unencodes it into what ever it was supposed to be (usualy a stuffit archive) it does not execute the program contained within the document, therefore the only real exploitation of this would be to write the a virus that looks like a BinHex document to the computer, but executes like an app. Either way, such a file would be detrimental to all computers not just OS X ones.

    As for fixing it, all it simply requires is to go into IE's preferences and turn off auto-unencode and auto un-stuff.

    Leave a comment:

  • nulltone
    started a topic Huge security hole in Internet Explorer for MacOS

    Huge security hole in Internet Explorer for MacOS

    Internet Explorer 5.1, which comes preinstalled on MacOS X 10.1, has a huge security hole---when it downloads arbitrary programs encoded in the Macintosh's standard BinHex (.hqx) format, it automatically executes them. " Well I guess thats one way to make Unix insecure. Can anyone actually confirm this since it looks kinda sketchy. I wonder what someone's rationale would be for that:"Oh this won't hurt anyone, and saving that extra 'OK' click will be great!".

    Taken from