正文
恶意软件瞄准中国苹果设备用户
“他们还在为最后的攻击做准备,”该公司威胁情报事务负责人瑞安·奥尔森(Ryan Olson)说。“尽管这种事情是第一次发生,但它向大量攻击者表明,这种方式可以用来击破苹果围绕其iOS设备构建起的坚硬外壳。”
Mr. Olson said Palo Alto Networks had alerted Apple to its findings, though an Apple spokesman declined to comment on their reports.
奥尔森称帕洛阿尔托网络公司已经警告苹果注意相关发现,但苹果的一名发言人拒绝就该公司的报告发表评论。
The firm’s advice to Mac and iOS users is to avoid downloading Mac applications or games from any third-party app store, download site or untrusted source, or connecting an iOS device to any untrusted accessories or computers. They also advise users to keep iOS software up to date.
该公司给Mac电脑和iOS用户的建议是,避免下载任何来自第三方应用商店、下载网站或不受信任的来源的Mac应用或游戏,并避免将iOS设备与任何不受信任的配件或电脑连接。他们还建议用户持续更新iOS软件。
Separately, last Friday a researcher in Sweden announced that he had uncovered a serious new vulnerability in Yosemite, Apple’s latest OS X operating system. The researcher, Emil Kvarnhammar, said the vulnerability, which he calls “Rootpipe,” allows attackers to gain “root access,”or full administrative control, of a victim’s Mac, allowing them to steal information or run programs of their own.
此外,瑞士一名研究人员上周五宣布,在苹果最新的OS X操作系统Yosemite中新发现了一个严重的漏洞。这位名叫埃米尔·夸恩哈马尔(Emil Kvarnhammar)的研究人员表示,被他称作“Rootpipe”的这个漏洞能让攻击者获取受害者Mac的“根权限”,即完全的管理控制权,以窃取信息或运行攻击者自己的程序。
To date, there is no evidence that the vulnerability has actually been exploited and here, too, it would be difficult for the average Mac user to stumble upon. For hackers to gain control of a Mac, the victim would need to ignore every OS X pop-up security warning.
迄今为止,尚没有证据表明已经有人利用了这个漏洞,并且普通Mac用户也很难遇到。因为黑客要想控制Mac,受害者必须要忽略OS X弹出的所有安全警告。
Apple is currently patching the Rootpipe vulnerability, but it is not clear when the patch will be completed.
苹果正在修补Rootpipe漏洞,但尚不清楚修补工作何时完成。
- 上一篇
- 下一篇