7/6/2006
- Apple Safari DHTML SetAttributeNode() Denial of Service
The
folks behind browserfun.blogspot.com have committed to releasing
a new browser exploit, every day, for the month of July. So
far, they have met that commitment. On July 4th, a DoS vulnerability
for Safari 2.0.4 / 419.3 was posted. The vulnerability was
discovered via the Hamachi
fuzzing tool.
Full
details.....(including a link to the demo)
7/3/2006
- McAfee Reaches 200,000 Threats in their DATs
The
real interesting part of this is that they reached 100,000
in September of 2004! It took eighteen years to reach 100,000,
and less than 2 to double that. We expect this type of growth
to continue..
See the Avert
Labs Blog for more detail....
7/2/2006
- Sophos Recommends the Switch to Macs!
"Sophos
security said that the 10 most commonly found pieces of malicious
software all targeted Windows machines.
In
contrast, it said, none of the "malware" were capable
of infecting the Mac OS X operating system.......It seems
likely that Macs will continue to be the safer place for computer
users for some time to come," said Mr Cluley"
Full
Article
7/3/2006
- Latest "Mac OS X Trojan" Still Just PoC (Proof
of Concept).
There
has been a great deal of media attention to Symantec's "OSX.Exploit.Launchd"
"trojan". Given the current state of heightened
security awareness, on the Mac OS X platform, this is somewhat
understandable. However, as of this writing, this is not a
live threat. It is even a bit of a stretch to call this a
"trojan". This is proof-of-concept code...and that
fact is plainly advertised. In theory, this vulnerability
'could be' targeted by a similar exploit, via a trojan hoarse.
However that is not the case with the code available now.
More
info:
Macfixit - http://www.macfixit.com/articlstory=20
Symantec - http://www.sarc.com//venc/data/osx..html
Vunet.com - www.vunet.com/article
|