The security issues affects the WINCRAP featureset. Doesn't that plague ever die???

so i guess Symantec wants mac users to buy their software! I don't think so. Installing anti-virus software is notoeious for opens more security holes, slowing down your os, and causes frequent hang-ups, and frustration.

no thanx.

One could make an argument that this vulnerability is a testament to the security of OS X compared to Windows. I doubt that any well-informed windows user would turn on file and print sharing and expose it to the internet without firewall protection.

The news that doing so on the OS X *may* be risky highlights the relative security of OS X over Windows.

Just my $0.02.

Beeners

One could make an argument that this vulnerability is a testament to the security of OS X compared to Windows. I doubt that any well-informed windows user would turn on file and print sharing and expose it to the internet without firewall protection.

Um, first off, there's nothing about this that talks about internet access.

Second, one of the problems people always says about windows is that users aren't well-informed about security. There's nothing about Mac users that make them intrinsically more security-knowledgable.

Third, turning on the firewall doesn't help. If you turn on your firewall to prevent access, well, guess what, you can't access the services you just turned on. So the firewall has to have the port open, which is how you access the flaw in the first place.

BTW, suhail, there's a small problem with your comment. All anti-virus software doesn't have those issues you mentioned. Now, symantec Anti-virus (which is what i think you're talking about), that's a different story. I can't believe people install that software (and people I know who use it on Windows can't wait to find something else to replace it and its incessant pop-ups, warnings, etc).

Good points louzer. I appreciate your arguments.

First, though not explicitly stated, I think that the internet is a key factor in exploiting this. If your internal network is compromised such that the threat is coming from inside, then you may have larger problems.

Second, I agree completely. In fact, one could argue that since Macs have historically had fewer attack vectors, the users are more complacent and less security knowledgeable.

Third, I apologize for my ambiguous wording in relation to firewalls. I was thinking of an external hardware based firewall, such as in a router, rather than the software firewall built into the OS. The scenario I envisioned was allowing local file and print sharing (inside the firewall), but blocking the big bad internet.

You are absolutely correct that if you want to access windows file and print sharing services from the internet, blocking access via any firewall defeats the purpose.

Beeners

I get a dirty feeling inside every time I make a trip into the System Preferences/Sharing pane and see the Windows File Sharing option. Turns out that little voice inside is right. LOL!

More inane comments about Mac users and their lax attitude about security, yet not a single Mac has been compromised outside some pencil neck's basement in his mother's house.

Yet we're supposed to feel inferior to the oh so intelligent PeeCee users, who use a platform filled with currently exploited vulnerabilities. Now tell me again, just who is it that's lax?

This article has nothing to do with Symantec people. DeepSight Threat Management Services is an IT service that many large companies subscribe to. You pay mucho grande a year (10K and up) to be automatically warned when a threat is detected by their honeypots and researchers. As reported in the MacNN article, DeepSight TMS was simply sending an AUTOMATED alert. It has nothing to do with Symantec pushing its products. I get about 20 of these alerts per day. Computerworld is just publishing what they received in their alerts.