Intego Security Memo

News > Press Releases

Macintosh

Dual Protection (Mac + Windows)

Macintosh Enterprise

Free Trial

ContentBarrier FileGuard Internet Security Barrier NetBarrier Personal Antispam Personal Backup VirusBarrier

ContentBarrier DP Internet Security Barrier DP VirusBarrier DP

Remote Management Console VirusBarrier Server and VirusBarrier Mail Gateway

Buy Now Upgrade Update Renew Free Trial

Support Knowledge Base Software Registration User Manuals Software Updates Bug Report

Press Releases Latest Software Releases

Overview Press Releases Careers Contact Us

INTEGO SECURITY MEMO - FEBRUARY 17, 2006
INQTANA.A BLUETOOTH WORM

Exploit: Inqtana.a Bluetooth worm

Discovered: February 17, 2006

Risk: Low

Description: This proof-of-concept worm, which has not yet been seen in the wild, propagates via Bluetooth file transfer from one computer running Mac OS X 10.4 to another. Users must accept the transfer, after which the worm copies its files to certain locations, exploiting a weakness that allows it to access files outside of the default file exchange directory, so it is active the next time an infected computer restarts.

The worm sends three files: w0rm-support.tgz, which is the worm itself, and two .plist files, com.openbundle.plist and com.pwned.plist, which are required for the worm to activate after restart.

The worm has a built-in cutoff date of February 24, 2006, so should not cause any problems after this date. In addition, users with updated Mac OS X systems will already have installed a security update that protects against this vulnerability.

Means of protection: Apple’s security update 2005-006 (http://docs.info.apple.com/article.html?artnum=301742) protects against this vulnerability in Mac OS X 10.3 and 10.4; however, the Inqtana.a worm only affects computers running Mac OS X 10.4 If users have not installed this security update, they should do so, along with all subsequent security updates. Intego VirusBarrier X and VirusBarrier X4, with virus definitions dated February 20, 2006 or later, also protect against this worm.

About Intego
Intego develops and sells desktop Internet security and privacy software for Macintosh.

Intego provides the widest range of software to protect users and their Macs from the dangers of the Internet. Intego's multilingual software and support repeatedly receives awards from Mac magazines, and protects more than one million users in over 60 countries. Intego has headquarters in the USA, France and Japan.

As the dangers of the Internet grow, Intego is hard at work, developing new software to protect users and their Macs from the latest security and privacy threats.

We protect your world.

home | contact