09/25/2006, 12:35pm, EDT

Monday, September 25th

Mac OS X threat exposure increases

As Apple's Mac OS X operating system increases in popularity, so does its exposure to internet-related security threats. Security firm Symantec has published its latest Internet Security Threat Report, revealing that the number of vulnerabilities identified in Apple's Safari Web browser doubled over the first half of 2006, and that the amount of time Safari users were vulnerable to exploits before Apple released a security fix increased from zero days to five. During the first six months of 2006 malicious users discovered 12 bugs in Safari, 47 bugs in Mozilla Firefox, and 38 bugs in Microsoft's Internet Explorer. Mozilla on average fixed its bugs within one day of exploits surfacing, Apple within five days, Microsoft within nine days, and Opera two days.

"There is no safe browser," said Symantec Security Response senior director Vincent Weafer. "If you've got a browser, make sure you're configuring it correctly. [...] That's a far better strategy than running some browser just because you haven't heard of it."

Weafer notes that as more companies offer monetary rewards for discovering and reporting exploits, more users are searching for ways to compromise security. Additionally, more attackers are targeting users running applications, as these prove easier to compromise than hardened servers.

Filed under: troubleshooting

, 7

7 comments

Reader Reactions (Please use <i></i> for italic text)

subscribe to comments
for this article

Expand All

Global Settings

appleisgreat

09/25, 12:47pm, EDT

Let's scare Mac users into purchasing our anti-virus software....

I just think it's a little self serving for a company who makes anti-virus software to release a report like this. I would feel more confident if an independent source were to issue this warning than someone who stands to profit from the "threat".

Fresh-Faced Recruit

Joined Feb 2006

User is offline

jarod

Symantec?

09/25, 12:57pm, EDT

Move on! I thought this was a reliable source. Nothing to see here.

Fresh-Faced Recruit

Joined Apr 2005

User is offline

ClevelandAdv

....fear itself

09/25, 1:10pm, EDT

I am afaraid of using Safari over the other browsers becuase it is more than 3 times less likely someone will find an exploit. I will move to IE or Firefox where there are more holes to exploit!

Fresh-Faced Recruit

Joined Jul 2004

User is offline

chabig

It's easy to criticize...

09/25, 1:56pm, EDT

Symantec criticizes developers for taking days (yes days!) to fix vulnerabilities. Yet here is Symantec, issuing a report in late September, warning us of vulnerabilities discovered between January and June.

Professional Poster

Joined Jun 1999

User is offline

ZinkDifferent

..while Symantec...

09/25, 2:06pm, EDT

....took months the acknowledge the critical flaws in their own security product, and took more months to fix them (are they actually fixed? I don't think so)

Nice and desperate for relevance!

Fresh-Faced Recruit

Joined Jan 2005

User is offline

SomeToast

A word of thanks

09/25, 2:33pm, EDT

"During the first six months of 2006 malicious users discovered 12 bugs in Safari, 47 bugs in Mozilla Firefox, and 38 bugs in Microsoft's Internet Explorer."

None of these bugs were discovered by Symantec or security researchers, rather, all by malicious users?

Thank you, malicious users, for bringing these bugs to light!

Senior User

Joined Jan 1999

User is offline

McDave

The new Mafia?

09/25, 8:47pm, EDT

All I'm hearing is 'I guy could get hurt around here, if you take my meaning'

These guys are almost as big a bunch of crims as the Pharmaceutical Industry!

We don't want your 'attention' go & pester Microsoft

Fresh-Faced Recruit

Joined Jun 2006

User is offline

Your Comments

Not a member of the MacNN forums? Register now for free.

Default Comment View
External Page Links
Comment Threading View