Welcome Guest [Log In] [Register]
Welcome to The Biggest Board. We hope you enjoy your visit.


You're currently viewing our forum as a guest. This means you are limited to certain areas of the board and there are some features you can't use. If you join our community, you'll be able to access member-only sections, and use many member-only features such as customizing your profile, sending personal messages, and voting in polls. Registration is simple, fast, and completely free.


Join our community!


If you're already a member please log in to your account to access all of our features:

Username:   Password:
Add Reply
Apple Gives Leopard a Good Brushing
Topic Started: Feb 13 2009, 06:42 AM (43 Views)
Warren
Administrator
[ *  *  *  *  * ]
Apple Gives Leopard a Good Brushing

Apple's release of a major update for its Leopard operating system has further deflated the claims of some fans that Macs are intrinsically superior in the security department. There's a cup-half-full argument to be made, though: It's because more consumers are using Mac systems that the OS is attracting more attention from hackers.

Nasdaq: AAPL) Latest News about Apple has completed a major security Free Trial. Security Software As A Service From Webroot. overhaul of its Leopard operating system. The fix addresses more than 40 crucial security flaws, including one in iCal that allows hackers to attack the computer remotely.

Other flaws that either result in application terminations or arbitrary code executions have been found in AFP Server, AirPort, AppKit, Apple Pixlet Video, ATS, CoreGraphics, Help Viewer, Core Foundation, Flash Player Plug-in, iChat, Mail, Automator, Time Machine, VoiceOver and Parental Controls.

Security Update 2008-003 also has a non-security function: It enables iPhone users to sync Mac address book contacts with Google (Nasdaq: GOOG) Latest News about Google contacts.

Repairing iCal

Plugging the iCal hole was the most immediate need Apple had to address. Last week -- after reportedly trying for months to work with Apple to coordinate disclosure -- Core Security published three Mac OS X iCal-based vulnerabilities: Two of them could crash the iCal program, but the third could allow a hacker Latest News about hacker to take control of another person's computer.

iCal uses the .ics extension and the CalDAV protocol for calendar-sharing. iCal-using Mac owners may be exposed to possible exploits, as a growing number of Web sites provide calendar Blackberry Professional Software from AT&T. Save up to 57% until June 6th. Click to learn more. files and subscriptions to calendar updates.

Besides the iCal flaw, the patch addresses collaborative functions that could be used as vectors for attack. For instance, Web-based plug-ins such as Adobe (Nasdaq: ADBE) Latest News about Adobe Flash have become attractive to hackers, Ryan Barnett, director of application security at Breach Security, told MacNewsWorld.

"There have been many recent reports of malicious Flash files being hosted on Web sites that aim to exploit known vulnerabilities to install Trojan software on client computers," he said.

In general, the patch does a good job of addressing the critical problems, Lori MacVittie, technical marketing E-Mail Marketing Software - Free Trial. Click Here. manager at F5 Networks, told MacNewsWorld.

"This is becoming more important as growing levels of malware are being written for the Mac," she noted.

Attackers are getting smarter and are using ubiquitous technology such as Flash, MacVittie added. That trend is exacerbated by the typical Mac user's misguided sense of invincibility against hack attacks.
Aura of Safety

Indeed, as more consumers embrace Macs and as more hackers target OS X, the reputation of Apple's computing product line will continue to take hits. This is not necessarily a bad thing -- at least not for consumers that may naively believe their Macs are safe to use online without any protection, Ken Dunham, director of global response at iSIGHT Partners, told MacNewsWorld.

"Apple computers are traditionally viewed as less vulnerable to malicious code attacks," he observed, but "this is true or false depending upon the context of your statement."

Software on any platform is likely to contain a certain number of errors or vulnerabilities, he explained. "As a result, [the statement that a Mac is more vulnerable] is true [given] that continued development of Macintosh Latest News about Macintosh software has led to the development and discovery of new vulnerabilities that open the door for possible malicious actions. However, [it] can also be viewed as largely false when considering malicious code which is not mature within the Macintosh 10.x operating system."

No operating system is completely invulnerable to attack -- including Macintosh -- which means consumers must practice safe computing and harden their computers' configurations against known vulnerabilities, Dunham continued.

"Hackers today are financially motivated -- largely focused upon Windows and other platforms," he noted. "However, for Macintosh, increased capabilities and some exploitation in the wild have taken place in the past 18 months. Still, these cases are very limited in scope and impact when compared to other known attacks in the wild on other operating systems.

"It's possible as Apple gains market share, [OS X] will be increasingly targeted by hackers due to the increased number of potential targets using Macs," Dunham concluded.
Offline Profile Quote Post Goto Top
 
1 user reading this topic (1 Guest and 0 Anonymous)
« Previous Topic · Post Archives · Next Topic »
Add Reply