Mac OS X threat exposure increases
updated 12:35 pm EDT, Mon September 25, 2006
Mac OS X threat exposure
As Apple's Mac OS X operating system increases in popularity, so does its exposure to internet-related security threats. Security firm Symantec has published its latest Internet Security Threat Report, revealing that the number of vulnerabilities identified in Apple's Safari Web browser doubled over the first half of 2006, and that the amount of time Safari users were vulnerable to exploits before Apple released a security fix increased from zero days to five. During the first six months of 2006 malicious users discovered 12 bugs in Safari, 47 bugs in Mozilla Firefox, and 38 bugs in Microsoft's Internet Explorer. Mozilla on average fixed its bugs within one day of exploits surfacing, Apple within five days, Microsoft within nine days, and Opera two days.
"There is no safe browser," said Symantec Security Response senior director Vincent Weafer. "If you've got a browser, make sure you're configuring it correctly. [...] That's a far better strategy than running some browser just because you haven't heard of it."
Weafer notes that as more companies offer monetary rewards for discovering and reporting exploits, more users are searching for ways to compromise security. Additionally, more attackers are targeting users running applications, as these prove easier to compromise than hardened servers.
OK
09/25, 12:47pm reply
Let's scare Mac users into purchasing our anti-virus software....
I just think it's a little self serving for a company who makes anti-virus software to release a report like this. I would feel more confident if an independent source were to issue this warning than someone who stands to profit from the "threat".
appleisgreat
Fresh-Faced Recruit
Joined: Feb 2006
Symantec?
09/25, 12:57pm reply
Move on! I thought this was a reliable source. Nothing to see here.
jarod
Fresh-Faced Recruit
Joined: Apr 2005
....fear itself
09/25, 01:10pm reply
I am afaraid of using Safari over the other browsers becuase it is more than 3 times less likely someone will find an exploit. I will move to IE or Firefox where there are more holes to exploit!
ClevelandAdv
Fresh-Faced Recruit
Joined: Jul 2004
It's easy to criticize...
09/25, 01:56pm reply
Symantec criticizes developers for taking days (yes days!) to fix vulnerabilities. Yet here is Symantec, issuing a report in late September, warning us of vulnerabilities discovered between January and June.
chabig
Professional Poster
Joined: Jun 1999
..while Symantec...
09/25, 02:06pm reply
....took months the acknowledge the critical flaws in their own security product, and took more months to fix them (are they actually fixed? I don't think so)
Nice and desperate for relevance!
ZinkDifferent
Fresh-Faced Recruit
Joined: Jan 2005
A word of thanks
09/25, 02:33pm reply
"During the first six months of 2006 malicious users discovered 12 bugs in Safari, 47 bugs in Mozilla Firefox, and 38 bugs in Microsoft's Internet Explorer."
None of these bugs were discovered by Symantec or security researchers, rather, all by malicious users?
Thank you, malicious users, for bringing these bugs to light!
SomeToast
Senior User
Joined: Jan 1999
The new Mafia?
09/25, 08:47pm reply
All I'm hearing is 'I guy could get hurt around here, if you take my meaning'
These guys are almost as big a bunch of crims as the Pharmaceutical Industry!
We don't want your 'attention' go & pester Microsoft
McDave
Fresh-Faced Recruit
Joined: Jun 2006