Secunia said there are potential vulnerabilities in the Mac OS X operating system, first noticed by Tom Ferris.
The firm described the holes as ‘highly critical’, meaning that systems could be compromised if crooks dive in. Secunia said the potential holes are in version 10.4.6, but other versions might be
affected too.
As an aside, the updated security details for the three main OS are:
Attacks that rely on “social engineering” tricks to fool users into visiting malicious Web sites are just as dangerous as any that exploit software vulnerabilities, a Microsoft security researcher argued this week.
According to Matt Braverman, a program manager with Microsoft’s Anti-Malware Technology Team, data from the group’s Malicious Software Removal Tool shows that dupes are as crucial to attackers as bugs.
From the article:
Microsoft’s Internet Explorer, already stunned with a bug currently being used by hackers to infect PCs with spyware, suffers from yet another vulnerability, a researcher said Tuesday.
In the OnSecurity podcast, Ryan Naraine talks with eEye’s chief hacking officer about the company’s decision to release an “unofficial” patch for the latest zero-day exploit of Internet Explorer. (Podcast #60)
Microsoft plans to release a pre-patch advisory with workarounds for a “highly critical” vulnerability that could put millions of Internet Explorer users at the mercy of malicious hackers.
From the article:
An Apple Computer patch released last week doesn’t completely fix a high-profile Mac OS X flaw, leaving a toehold for cyberattacks, experts said.
The Mac maker released a security update for its operating system on Wednesday to plug 20 holes. The patch arrived after two weeks of intense scrutiny of the safety of OS X, prompted by the discovery of two worms, and the disclosure of a vulnerability that was deemed “extremely critical” by security monitoring company Secunia.
Macworld is reporting about a new security hole in Mac OS X that can be exploited to compromise a system if the user simply visits a web site with Safari. Currently, no vendor patch is available. Secunia has a demonstration of the vulnerability and suggestions for temporary workarounds.
