“Anti-virus software maker McAfee Inc. is warning about a new version of the Mydoom worm that infects computers of people who click on a link in e-mail they receive. The new version is a mass-mailing worm that does not contain an attachment, as some earlier versions of the worm program have done,” CNN/Money reports.
“A worm is a self-replicating computer program that — like a computer virus — can cause damage to a computer’s software by attaching itself to programs,” CNN/Money reports.
According to Symantec, systems affected include: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, and Windows XP.
Apple’s Mac OS X operating system is unaffected.
MacDailyNews Take: For our Windows-only friends, information about smoothly adding a safe, powerful, and fun Mac OS X machine to your computing arsenal can be found here.
Related MacDailyNews article:
Study: Apple’s Mac OS X ‘world’s safest and most secure’ operating system – November 02, 2004
According to Symantec, systems affected include: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, and Windows XP.
Apple’s Mac OS X operating system is unaffected.
BUHAHAHAHAHAHAHAHAHHAHa…….. HAHAHAHAHAHAHHAHAHAHAHAAAAAAA!~
What a surprise!? Last week I fixed a PC computer from a friend of mine. Strange behavior, wrong colors on display. Anyway I took it home, installed AVG 6.0, and found it had no less than 325 virus and 780 spy-ware files, this after they installed service pack 2.
I was not going to charge him for the repair, but after all that junk and the time (3 hrs) it took to clean I did. Not before my “See I told you to get a Mac…” speech, that by the way felt even better than getting paid.
Working as a network Admin., I see this kind of problems on a daily basis. When is everyone going to see that Windows is an inferior product? Well, I sure hope not too soon, that’ my job security right there. Virus, worms trojans keep on coming and infecting Windows the more the better, I need to make a car payment…ha,ha! What a joke Windows is!!!
Yawn
http://search.us-cert.gov/query.html?rq=0&ht=0&qp;=&qs;=&qc;=&pw=100%&ws=1&la;=&qm=0&st=1&nh=25&lk=1&rf=2&oq;=&rq=0&si=1&qt=Mac+OS+X
hey @ home…
old news…. most of that stuff refers to Jaguar… not Panther…
And the Jaguar updates took care of all that…
Ya got anything newer to report ?
Found: 46 Secunia Security Advisories, displaying 1-25
Mac OS X URI Handler Arbitrary Code Execution
2004-05-17
Apple Filing Protocol Insecure Implementation
2004-03-01
Mac OS X Security Update Fixes Multiple Vulnerabilities
2004-10-05
Apple Mac OS X Security Update Fixes iChat Vulnerability
2004-09-17
Mac OS X Security Update Fixes Multiple Vulnerabilities
2004-09-08
Mozilla / Mozilla Firefox Apple Java Plugin Tab Spoofing Vulnerability
2004-08-30
Netscape Apple Java Plugin Tab Spoofing Vulnerability
2004-08-27
Mac OS X Security Update Fixes Multiple Vulnerabilities
2004-08-10
Apple Mac OS X Internet Connection Privilege Escalation
2004-07-27
Mac OS X Multiple Unspecified Vulnerabilities
2004-05-30
Mac OS X Volume URI Handler Registration Code Execution Vulnerability
2004-05-22
Mac OS X Security Update Fixes Multiple Vulnerabilities
2004-05-04
Mac OS X Security Update Fixes Multiple Vulnerabilities
2004-04-07
Mac OS X Security Update Fixes Multiple Vulnerabilities
2004-02-24
Mac OS X Security Update Fixes Multiple Vulnerabilities
2004-01-27
Mac OS X Local Denial of Service Vulnerability
2004-01-05
Mac OS X Security Update Fixes Multiple Vulnerabilities
2003-12-22
Mac OS X cd9660.util Privilege Escalation Vulnerability
2003-12-16
Mac OS X Insecure Default DHCP Packet Handling Vulnerability
2003-11-27
Mac OS X Security Update Fixes Multiple Vulnerabilities
2003-11-20
Mac OS X Terminal Application Unspecified Vulnerability
2003-11-06
That’s the last 12 months. Apple has managed to patch them all before any major exploit. The day will come when they won’t beat the clock. Stay updated, keep your firewall up and run an AV program.
The point is that the Mac OS is not invulnerable, just relatively safe. Compared to Windows anything looks good. The very fact that Mac OS X has yet to be hacked in a big way could make it a target for someone wanting to make a big point.
Current unpatched vulnerabilities are rarely released to the public. Apple & the FreeBSD people have done a good job. My warning is to the people living in Fool’s Paradise who think that they can network and surf with impunity.
I’m not trolling, just bringing the fanboys back to reality.
Now let’s see Just Windows XP count: “about�1026�results�found,”.
Same website “Security @ Home” used check it at: http://search.us-cert.gov/query.html?col=csalrts&col=csbulls&col=cstips&col=feddocs&col=pressrm&col=tcsalrts&col=vulnotes&col=xtradocs&qt=Windows+XP&charset=iso-8859-1
Windows 2000 is “about�1553�results�found,”; Windows 2003 is �”results�found,”. Ouch!
The issue is not Windows, I run a Macintosh. The issue is security and many Mac users are living in a Fool’s Paradise. The question is not if, but when will OS X be compromised and how.
Many OS X users run their Macs in Admin mode with easily compromised passwords and many ports open for all the world to see. They also run 3rd party applications that network or access the internet either actively or in the background. Every time you install an app that has auto-update/install features on it you are opening a potential avenue for compromise.
If you have Classic installed and are connected to the Internet or a Network your system is VERY vulnerable. Rendezvous technology broadcasts your computer across a network and could potentially be used for an exploit. Remote Desktop Client, IM, printer sharing, VPC, online gaming and other apps open you up to potential exploits that Apple has no responsibility for.
The point is that just because you are running Mac OS X does not mean you should fail to use common sense security guidelines and practices. How many posts have you seen about Mac users bragging about no using or needing Anti-Virus software?
It does not really matter how the eventual compromise of OS X happens (Apple App or 3rd Party App), the media will be on it like white on rice. The smugness of many in the Mac community is just going to make them smile all the more when they get to turn the knife.
Duh, you guys! We get yer point Sec@Home. But the fact is that Apple is able to head off security issues and release pertinent updates to protect their customers. Make all the points you want and then times it by 100 against Windows. There truely IS no comparison. Apple wins. Hands down. I’ll forever love my Mac’s.
Strike that! Times it by 1000!!!!
Paul Thurrott you have to get out more.
Security@home While I can agree that the Mac is not invulnerable and someday an exploit that inconveniences a few people may come out, here is a good article about why the Mac will ALWAYS be more secure than windows:
http://daringfireball.net/2004/06/broken_windows
Put a switch on the computer. It turns OFF the disk. If the disk doesn’t spin, someone tell me how I can get a virus?
Securtiy@home, please name the ports on Mac OS X that are open, becuz I don’t know of any that can be opened without the administrator password!!
an ohh please how many are running apps that auto update the only apps that really auto update are microsoft apps & virus apps, which i never run on my computer! Stop dreaming up all this foolishness and waste your time on something esle. As someone says apple is updating most things in a timely fashion and with safari & it’s pop up blocker, there are no stupid links to pull u into a stupid worms & viruses. If u are truly running a mac you wouldn’t be so damn concerned about security as u are, so I can tell u are windows user! stop ur lies and fine a wintel site to waste ur time on!
Think you are secure? Running all the latest 10.3.6 software, right? Want your passwords and identity stolen? Use Safari (Tabbed Browsing Enabled) on “The World’s Most Secure OS”.
Try this little test
http://secunia.com/multiple_browsers_dialog_box_spoofing_test/
You could EASILY have your passwords, account numbers, etc stolen on a supposedly secured connection with Safari. Apple has known about this for some time and done NOTHING about it. FireFox and Mozilla are affected as well. So much for security.
NoPC, I hope you have read the whole page on the Secunia *test*:
“Note: On Safari and Internet Explorer for Mac the demonstration does not work in tabs. Only when the link above is opened in a new window.”
The *proof*… does not work.
And if you do not open it in a new Tab (since anyway it does not work) it opens in the same window by default, hence it does not work again.
One TRULY has to fight to make it work: I have not been able to so far.
“You could EASILY have your passwords, …” blah, blah, blah.
Tried hard to have this *proof* working. What has to be done? Does not work: nothing happens on the Secunia page. How stupid has the average Mac user be to make this *proof* working with Safari?
Seems that even being as stupid as the average Windows users won’t be enough.
Probably Apple has done nothing because there is NOTHING to do about it: I just noticed the “Note: ” on Secunia – and as said by Seahawk.
NoPC: you dork! LOL
The exploits shown by Security@Home are nowhere near as dangerous as what windows folks deal with because almost all of these are local exploits. While you can do things to the Macintosh when you are logged in, it is a completely different matter to break in from the outside. Since the applications are not built into the kernel and apps typically only run as the user id, grabbing hold of a Mac and taking it over is very difficult.
Most the exploits for Windows are remote in nature, that is the hacker can get to the machine from the outside either through an exploit in IE or Outlook, or from one of the open ports Microsoft refuses to ship closed from the factory. It should not be possible to take over a computer by clicking on a link or getting an email. This is a fundamental design problem in Windows and Microsoft knows it. They are more interested in making it simple to do things (ie don’t prompt user for anything) than trying to lock things down. Microsoft until recently didn’t lose any money from all these viruses so they didn’t care what happened.
Obviously with people moving to Mac, Linux, and Firefox they are beginning to rethink their business plan. In the mean time I’ll just sit back with my Mac and watch the Microsoft world turn into one giant forest fire.
We all know that you must have an admin’s password to break into a Mac. Make life even more difficult for potential in-office-hackers by using the Alt and Alt-with-Shift characters. This way, you can have a rather easy password and the XP hackers have a difficult time getting in.
You see, Microsoft OS CANNOT USE these characters in a password. In fact, just ask an XP user to type in a text document “��?�” and see how long it takes them. Mac OS X easily recognizes them. In fact, you can make your password VERY easy and quick such as “��??” by holding down the Alt key and simply drumming your fingers across “fghj”. My encrypted folders can have the very easy to type (drummed) password “?����������?���?” but be impossible to find randomly… especially by MS users.
“�������ͨ�?�” = “Microsoft sucks” (with Alt held down)
Using just A thru Z and 0 thru 9 for a password is very nonsecure and so… so… 8-bit DOS-like.
“..using the Alt and Alt-with-Shift characters.”
uhhh, Ive looked all over my keyboard and cant find my “Alt” key…
Did one of you steal it from me ??
Hey… if you want a secure password… just use the character you get by holding down the “option-shift K” key combo…
That should drive potential hackers on WinCrap machines..nuts !!
?
very good, i think he ment option key, not alt key, the alt key is a key found on a peecee, but I don’t know what it does, oh wait, on my ibook g4, it has in tiny letters above the “option”, “alt”. nevermind.
???????????????????????????????????????????????????????????????????????????
just so you all know, i posted the apple logo, but it showed “?”.
I thought the ” ? ” was the apple logo…On OS 9 anyways…Teheheh