Posted by: David Harley | May 12, 2015

MacKeeper vulnerability: maybe not that funny

For The Register, Richard Chirgwin reports on a remote code execution vulnerability in MacKeeperPop-up pest MacKeeper patches 0-day remote code execution vuln. The vulnerability is discussed at more length in a SecureMac advisory.

The MacKeeper article advises that users run MacKeeper Update Tracker so as to get a patched version.

Chirgwin suggests that Mac users annoyed by MacKeeper’s reputation for persistent and aggressive pop-up marketing will take some pleasure in the company’s embarrassment. However I wonder how many of the product’s many users will get to hear about the Proof of Concept attack (which MacKeeper’s article doesn’t actually mention) and take appropriate measures.

David Harley
Small Blue-Green World

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: