Of course it's something to worry about. Security pros get paid to worry.

It takes one of three puzzle pieces out of the equation. Those three pieces are:

#1) find some dumb code someone in Redmond wrote so you can crash the stack;

#2) put in some cookie cutter shell code so you take over the process; and

#3) use this new access to - in some way - exploit.

#1 and #3 are still tough on any Unix box, but #2 - they got that already. There is so much shell code running around; hackers know how Intel architecture works; etc.

This is only one piece of the puzzle, but moving to Intel certainly did NOT help Apple's security situation. On that I think all can agree.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11375/33071#33071