
Safari 3.1 Piggybacks In Software Update

“Piggybacking is a method used to gain unauthorized access to the computer. This occurs when an authorized application allows another non-related or unauthorized application to pass through or get into the user’s system.”

A couple of weeks ago, while I was working on my infect machine, I got this alert message from Apple Software Update. I was a little bit busy, so I just minimized the window. Last Monday, I had the chance to check and read what it says. Surprisingly, I found Safari 3.1 in the list, even though I know I haven’t installed any version of it. So, what’s happening here?

As shown in the figure above, the QuickTime program I installed checks for updates. Then, the server replies with the update information. However, it doesn’t end there: the server exploited the communication to perform an unauthorized task, which is to offer the Safari 3.1 installer.

This is completely unacceptable behavior and a breach of information security.
