Posted by: David Harley | May 12, 2015

MacKeeper vulnerability: maybe not that funny

For The Register, Richard Chirgwin reports on a remote code execution vulnerability in MacKeeperPop-up pest MacKeeper patches 0-day remote code execution vuln. The vulnerability is discussed at more length in a SecureMac advisory.

The MacKeeper article advises that users run MacKeeper Update Tracker so as to get a patched version.

Chirgwin suggests that Mac users annoyed by MacKeeper’s reputation for persistent and aggressive pop-up marketing will take some pleasure in the company’s embarrassment. However I wonder how many of the product’s many users will get to hear about the Proof of Concept attack (which MacKeeper’s article doesn’t actually mention) and take appropriate measures.

David Harley
Small Blue-Green World

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: