[ insider_reports_insider ]
Apples, Forgeries, Scanners, And Bagles
David Utter
Staff Writer
2007-03-06
 Insider Reports RSS Feed
Eight vulnerabilities in Apple's QuickTime product received fixes to stop potential exploits from crashing the application or running arbitrary code; this and more in a SecurityProNews roundup.
 | | Apples, Forgeries, Scanners, And Bagles |  |
When discussions of Apple and security make the rounds, they are inevitably followed by the refrain of the Mac OS being a more secure platform than Windows.
Despite the passion of its fans, Apple is no more perfect at security than Microsoft, and regularly has to work at keeping its products safe.
The most recent example arrived as the company released an octet of patches for QuickTime on both the Mac and Windows platforms.
All of the flaws would have required the user to first attempt to view malicious content in QuickTime.
QuickTime's problems all could be traced to heap, stack, or buffer overflow conditions. Those vectors have been common spots for attackers to target in all manner of operating systems and programs over the years.
Sins of the Internet: Ha.ckers.org considers the opinion that the Internet, designed for ease of use rather than security, suffers most from being built for academics first.
Cross-site request forgeries present a vulnerability that undermines just about every possible application made available on the Internet:
Every image, every included style, every iframe and frame, everything that's embedded in any way, can cause CSRF. It's the "holy crap that's bad" vulnerability that affects nearly every site out there. The only trick is getting the right person to perform the action and that's really not as hard as it may sound.
SANS finds some AV clunkers: The SANS Institute looked at the question of comparing anti-virus products. Researcher Swa Frantzen said SANS typically uses VirusTotal to show how malware is detected and named by a variety of AV companies.
The example test with updated signatures for 32 products found a lot of big names missed a downloader Trojan. McAfee, Symantec, Microsoft, and Panda didn't detect the malware. Companies like Sophos, F-Secure, and Grisoft's AVG did.
Bagle worm hits 3rd anniversary: Bagle/Beagle is still going strong after three years. Email security firm Commtouch detailed Bagle's longevity in a PDF report about its recent activity.
The company attributed Bagle's persistence to a new tactic.
Through server-side polymorphism, Bagle changes form before signature-based anti-virus engines can be updated to detect it. Then it changes again, each time coming out in thousands of email messages every day.
---
Tags: Apple, SANS, Anti-Virus, Bagle
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
