Mac Security: Weekly Summary 2006-04-13
- From: Derek Currie <derekcurrie@xxxxxxxxxxxxxxx>
- Date: Tue, 18 Apr 2006 00:18:16 GMT
This is another snoozy week for Mac OS X security. There is nothing new
The only real concern that has cropped up is what will be the
ramifications of installing Windows on your Macintel machine. As is
commonly known, Windows has over 150,000 pieces of malware 'in the
wild'. Installing Windows on your Macintel, whether using Apple's new
freeware Boot Camp software, or using Parallels Workstation
virtualization software, opens your computer to all the Windows malware.
So far there is a general consensus that this malware cannot migrate over
to your Macintosh partition. However, profoundly damaging malware could
force you to erase your ENTIRE hard drive to clean out the problem.
Therefore, if you put Windows on your Macintel you must:
1) BACK UP YOUR ENTIRE COMPUTER REGULARLY.
This is the #1 rule of computing, so you should be doing this already.
If you don't, you are asking for trouble.
2) Install both anti-virus AND anti-spyware programs on your Windows
system. Note that these two programs are so far NOT the same thing. You
need both. There are free versions of both. They are not the best
versions by any means, but if they are updated regularly and allow
active checking of your system then they are adequate.
3) NEVER run a recent (2004-2006) Sony-BMG audio CD in your Windows
partition. In case you missed the horror they inflicted on Windows
users, basically these CDs force a 'Root Kit' program to be installed on
your Windows system, opening it up to malware attacks that are invisible
to anti-virus and anti-spyware programs. Instead run these CDs ONLY on
your Mac OS X system, which is not susceptible to Sony's crapware.
Below is security information provided by Secunia, who kindly provide a
free security newsletter every month. You can sign up for it and read
more about malware at:
A quick review:
- No new Mac OS X vulnerabilities.
- No new Mac OS X patches.
- Six new Windows related vulnerabilities.
- Six new Windows patches including one for the 'Extremely Critical'
createTextRange() vulnerability in Internet Explorer.
- Still no sign of patches to last month's Real software vulnerabilities.
- Patches for ClamAV vulnerabilities reported last week are gradually
becoming available, starting on Linux.
Next up are sections 2-4 of the Secunia Security Summary. Check out
their website for the rest of the report as well as details.
See you next week.
2) This Week in Brief:
Tuesday, Microsoft issued the long awaited patch for the "Extremely
Critical" createTextRange() vulnerability in Internet Explorer, which
was originally discovered by Secunia Research and disclosed to
Microsoft on 13th February for a co-ordinated disclosure.
However, on 22nd March the vulnerability was publicly disclosed by an
independent third party and exploit code was soon created and
published by different researchers.
Microsoft also issued patches for other critical vulnerabilities, for
more details see the following Secunia Advisories:
Secunia has not issued any virus alerts during the week.
3) This Week's Top Ten Most Read Advisories:
1. [SA19521] Internet Explorer Window Loading Race Condition Address
2. [SA18680] Microsoft Internet Explorer "createTextRange()" Code
3. [SA19534] ClamAV Multiple Vulnerabilities
4. [SA19495] Linux Kernel SYSFS Local Denial of Service Vulnerability
5. [SA19218] Flash Player Unspecified Code Execution Vulnerabilities
6. [SA19118] AVG Anti-Virus Updated Files Insecure File Permissions
7. [SA19553] Cisco Optical Networking System 15000 Series Multiple
8. [SA19556] phpMyAdmin Cross-Site Scripting Vulnerabilities
9. [SA19569] Hosting Controller "forum.mdb" Exposure of User
10. [SA19552] Cisco 11500 Content Services Switch HTTP Compression
Denial of Service
4) Vulnerabilities Summary Listing
[SA19583] Microsoft Data Access Components RDS.Dataspace ActiveX
[SA19617] Outlook Express Windows Address Book File Vulnerability
[SA19606] Microsoft Windows Explorer COM Object Handling Vulnerability
[SA19569] Hosting Controller "forum.mdb" Exposure of User Credentials
[SA19566] SAXoPRESS "url" Parameter Directory Traversal Vulnerability
[SA19623] Microsoft FrontPage Server Extensions Cross-Site Scripting
[SA19619] Debian update for horde3
[SA19608] SUSE update for clamav
[SA19571] SUSE Updates for Multiple Packages
[SA19570] Trustix updates for multiple packages
[SA19567] Gentoo update for clamav
[SA19564] Mandriva update for clamav
[SA19557] Ubuntu update for kaffeine
[SA19644] Ubuntu Updates for Multiple Packages
[SA19624] SGI ProPack XFree86 Multiple Vulnerabilities
[SA19607] SGI ProPack kernel Multiple Vulnerabilities
[SA19597] Mandriva update for sash
[SA19591] Debian update for moodle
[SA19590] Debian update for cacti
[SA19586] Matt Wright Guestbook Script Insertion Vulnerabilities
[SA19572] xzgv JPEG Image Parsing Heap Overflow Vulnerability
[SA19565] Mandriva update for mplayer
[SA19555] Debian update for libphp-adodb
[SA19589] Debian mnogosearch Insecure Password Storage Security Issue
[SA19614] VegaDNS "cid" Parameter SQL Injection Vulnerability
[SA19598] Mandriva update for openvpn
[SA19595] Shadowed Portal Pages Module Cross-Site Scripting
[SA19587] Cherokee Web Server Cross-Site Scripting Vulnerability
[SA19561] HP-UX update for wu-ftpd
[SA19558] Mailman Private Archive Script Cross-Site Scripting
[SA19638] Sun Solaris LDAP2 Client Commands Security Issue
[SA19560] HP-UX Unspecified "su" LDAP Netgroup Vulnerability
[SA19559] fbida fbgs Insecure Temporary File Creation Vulnerability
[SA19577] Debian update for libimager-perl
[SA19627] Sun Solaris "sh" Process Denial of Service Vulnerability
[SA19573] Linux Kernel "__keyring_search_one()" Denial of Service
[SA19630] AzDGVote "int_path" File Inclusion Vulnerabilities
[SA19628] Simplog Multiple Vulnerabilities and Security Issues
[SA19625] phpListPro "returnpath" File Inclusion Vulnerability
[SA19588] Autonomous LAN Party File Inclusion Vulnerability
[SA19576] Dokeos File Inclusion Vulnerabilities
[SA19634] MvBlog Script Insertion and SQL Injection Vulnerabilities
[SA19618] Cyrus SASL DIGEST-MD5 Pre-Authentication Denial of Service
[SA19613] JBook Multiple Vulnerabilities
[SA19611] Confixx Pro Cross-Site Scripting and SQL Injection
[SA19609] Clansys "showid" SQL Injection Vulnerability
[SA19604] Dokeos "topic" Parameter SQL Injection Vulnerability
[SA19602] XBrite Members "id" SQL Injection Vulnerability
[SA19601] dnGuestbook admin.php SQL Injection Vulnerability
[SA19600] PHPOpenChat ADOdb Insecure Test Scripts Security Issues
[SA19593] Shopweezle Multiple SQL Injection Vulnerabilities
[SA19592] apt-webshop-system Multiple Vulnerabilities
[SA19584] Chipmunk Guestbook "username" SQL Injection Vulnerability
[SA19580] Gallery Unspecified Script Insertion Vulnerabilities
[SA19578] MAXdev MD-Pro "topicid" SQL Injection Vulnerability
[SA19568] MWNewsletter Multiple Vulnerabilities
[SA19563] MAXdev MD-Pro ADOdb "server.php" Insecure Test Script
[SA19554] Andy's PHP Knowledgebase Cross-Site Scripting and Script
[SA19636] Manila Multiple Cross-Site Scripting Vulnerabilities
[SA19635] Tritanium Bulletin Board register.php Cross-Site Scripting
[SA19629] Autogallery Cross-Site Scripting Vulnerability
[SA19622] interaktiv.shop Cross-Site Scripting Vulnerability
[SA19610] PHPWebGallery Multiple Cross-Site Scripting Vulnerabilities
[SA19603] JetPhoto Server "name" and "page" Cross-Site Scripting
[SA19594] Web+Shop "deptname" Parameter Cross-Site Scripting
[SA19582] Jupiter Content Manager "layout" Cross-Site Scripting
[SA19579] Clever Copy connect.inc Information Disclosure Security
[SA19562] vBulletin vBug Tracker Module "sortorder" Cross-Site
[SA19556] phpMyAdmin Cross-Site Scripting Vulnerabilities
[SA19574] Oracle Database Access Restrictions Bypass Vulnerability
[SA19599] PHP "phpinfo()" Cross-Site Scripting and Security Bypass
[SA19575] Imager JPEG/TGA Image Processing Denial of Service
Fortune Magazine, 11-29-05: What's your computer setup today?
Frederick Brooks: I happily use a Macintosh. It's not been equalled for ease
of use, and I want my computer to be a tool, not a challenge.
[Frederick Brooks is the author of 'The Mythical Man Month'. He spearheaded
the movement to modernize computer software engineering in 1975]