| Top
Security News |
F-Secure’s World Map
Finnish security phenom F-Secure put their "view of the
world" online with a map of known virus outbreaks around the world on Thursday...
Hacker Defender Guru Yields
Hacker Defender wasn't just A rootkit, it was THE rootkit
for the longest time. The creator, called Holy_father, of said rootkit lowered
his sword and yielded the way by taking down his antidetection service.
Looking For Mr. Goodmail Part 2
America Online claims they want to protect their customers
from spam and other nasty things coming through the email.
Italian Government Goes After Gambling
Italian ISPs railed against new restrictions on gambling
sites put in place by the Italian government. The creator, called Holy_father,
of said rootkit lowered his sword and yielded...
PayPal + Spamming+ Trojan= Clagger-H
It looks like someone else came up with another way to irritate
PayPal customers. The email warns users that their PayPal account...
OS
X In Hacker’s Gun Sites
Recent debates over the safety of Mac OS X or the lack thereof have been traveling
around the Internet. Loyal Mac folks chomp...
|
|
|
|
|
In response to recent holes pointed out in Apple's OS X operating system, the Cupertino kids released a security update patching some 20 holes. The update takes care of the problems from the concept codes as well other security problems.
The update addresses a number of issues in several different areas. Areas addressed include:
· apache_mod_php
· automount
· BOM
· Directory Services
· FileVault
· IPSec
· LibSystem
· Mail
· Perl
· Rsync
· Safari
· Safari, LaunchServices
· Syndication
· FileVault
· iChat.
The iChat problem was the one that started the heavily reported security flaws with OS X. An easily defendable concept code called Leap started the uproar. The Inqtana concept began making the rounds as well. While Inqtana and its variants are already completely moot, they did point out additional problems.
The Mail problem happens when an email attachment is double-clicked in Mail, Download Validation is used to warn the user if the file type if not "safe." There are techniques out there to disguise the file's type so that Download Validation is bypassed. The update allows Download Validation to look at the entire file.
Safari also had a number of problems to fix, the most significant of which was a proof of concept code for creating problems regarding the automatic download and execution of certain files.
The affected versions of OS X include v10.3.9 and OS X v10.4.5, both the OS X and the OS X server for both version. With all these updates in this release, it's crucial for Mac users to go on and get the update ASAP. Many of the biggest problems with Windows resulted from people not updating their software promptly. It's also a safe bet now that all these updates have been published, hackers will start pouring over the code, looking for holes with which to slip into people's computers.
Once again, this is proof that the Mac is not inherently safer, it just means hackers have left it alone. Now that the concepts are out there, that will change. Hackers will be getting right to work on different ways to hack it.
Get all the updates - click this link: 
About
the Author:
John Stith is a technology writer with SecurityProNews. |
|
,
Inc. 2549 Richmond Rd. Lexington KY, 40509
