Wednesday, April 2, 2008

Safari 3.1 Piggybacks In Software Update

"Piggybacking is a method used to gain unauthorized access to a computer. This occurs when an authorized application allows another non-related or unauthorized application to pass through or get into a user's system."

A couple of weeks ago, while I was working on my infected machine, I got this alert message from Apple Software Update. I was a little busy, so I just minimized the window. Last Monday, I had the chance to check and read what it said. Surprisingly, I found Safari 3.1 in the list, which I know I have never installed any version of. So, what's happening here?

As shown in the figure above, the QuickTime program I installed checks for updates, and the server replies with the update information. However, it doesn't end there: the server exploited that same exchange to perform an unauthorized task, which was to offer the Safari 3.1 installer.
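To make the point concrete, here is an added example (my own illustration, not code from the original post and not Apple's Software Update code) of what a well-behaved update client should do with a reply like the one above: accept only offers for products that are already installed and newer than the installed version, and report everything else as piggybacked. The manifest structure, the `Offer` fields and the version strings are constructed for this example; Apple's real wire format is not shown on the page and is not reproduced here.

```python
"""Added example: partition an update-server reply into accepted updates,
piggybacked (unrequested) offers and stale offers.

The Offer format and the sample manifest are constructed for illustration;
they are not Apple Software Update's real protocol.
"""

from dataclasses import dataclass


@dataclass(frozen=True)
class Offer:
    product: str   # product name as the server reports it (assumed exact match)
    version: str   # dotted numeric version, e.g. "7.4.5" (assumed format)
    kind: str      # "update" or "new_install" (constructed field)


# Constructed manifest modelled on the post: the client asked for QuickTime
# updates and the server answered with a QuickTime update plus an
# unrequested Safari 3.1 install.
SAMPLE_MANIFEST = [
    Offer("QuickTime", "7.4.5", "update"),
    Offer("Safari", "3.1", "new_install"),
]


def parse_version(version):
    """Turn "7.4.5" into (7, 4, 5) so versions compare numerically.
    Assumes purely numeric dotted versions; anything else is rejected."""
    return tuple(int(part) for part in version.split("."))


def partition_offers(installed, manifest):
    """Split a manifest into (accepted, piggybacked, stale).

    installed: mapping of product name -> currently installed version.
    An offer is accepted only when the product is already installed and the
    offered version is newer. A product that is not installed at all rides in
    on another product's update check and is reported, not installed.
    """
    accepted, piggybacked, stale = [], [], []
    for offer in manifest:
        current = installed.get(offer.product)
        if current is None:
            piggybacked.append(offer)
        elif parse_version(offer.version) > parse_version(current):
            accepted.append(offer)
        else:
            stale.append(offer)
    return accepted, piggybacked, stale


def report(installed, manifest):
    """Human-readable summary lines, one per offer, for logging or display."""
    accepted, piggybacked, stale = partition_offers(installed, manifest)
    lines = []
    for offer in accepted:
        lines.append(f"ACCEPT   {offer.product} {offer.version}")
    for offer in piggybacked:
        lines.append(f"PIGGYBACK {offer.product} {offer.version} (not installed, not requested)")
    for offer in stale:
        lines.append(f"SKIP     {offer.product} {offer.version} (already current)")
    return lines


if __name__ == "__main__":
    # Only QuickTime 7.4 is installed, as in the post.
    for line in report({"QuickTime": "7.4"}, SAMPLE_MANIFEST):
        print(line)
```

The design choice is that the client's installed inventory, not the server's reply, is the source of truth for what may be installed; an update channel that lets the server decide is exactly the piggybacking path described above.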

This is completely unacceptable behavior and a breach of information security.