PDA

View Full Version : Unpatched applications may be a larger security risk than Internet Explorer



FoxyMX
22-05-2007, 05:07 PM
Danish vulnerability tracker Secunia ApS' studies have shown that users are less likely to patch applications such as QuickTime and Winamp than their internet browsers. Secunia say this is a major concern for PC security.

Although browsers are notoriously juicy targets for hackers, Apple Inc.'s QuickTime is actually three times more likely to pose a threat than Internet Explorer 6 -- and six times more likely to be a threat than Firefox.

Read about it here (http://www.pcworld.com/article/id,132025-pg,1/article.html).

winmacguy
22-05-2007, 05:13 PM
Saw that earlier. I guess it is a good excuse to see if your iTunes is up to date. Must admit though, they only talk of "vulnerabilities" as opposed to actual intrusions...:rolleyes:

FoxyMX
22-05-2007, 05:43 PM
Must admit though, they only talk of "vulnerabilities" as opposed to actual intrusions...:rolleyes:

I bet it happens plenty. Everyone views movies and pictures these days so it would be easy as pie to infect machines on malicious websites.


"Most people wouldn't hesitate to open an .mpg, .jpg, .mov or .mp3 file from any source if it seems the least bit interesting and relevant. It's easy to embed a movie in your home page, for example, and all it takes is one unpatched QuickTime vulnerability and a provocative video title to compromise a lot of visitors."

winmacguy
22-05-2007, 05:58 PM
I bet it happens plenty. Everyone views movies and pictures these days so it would be easy as pie to infect machines on malicious websites.

Might be that it affects Windows users only, in which case there would be a higher chance of people getting infected.

Graham L
22-05-2007, 06:05 PM
... I bet it happens plenty. Everyone views movies and pictures these days so it would be easy as pie to infect machines on malicious websites...Like this picture (www.imagef1.net.nz/files/babe.jpg) posted by FoxyMX?

Jen
22-05-2007, 06:06 PM
I can see that happening easily as well. Some applications have auto-update checks built in, but how many people just click "ignore" with them or block the updater with their firewall (to prevent unwanted calling home connections).

Some people moan about how big updates for Linux can be, but the package managers keep track of every single application installed via the repositories/package manager. If there is an update for flash, OpenOffice, Firefox, your PIM application whatever, it will display this and give you the option of updating that application along with the regular security updates etc.

winmacguy
22-05-2007, 06:08 PM
Like this picture (www.imagef1.net.nz/files/babe.jpg) posted by FoxyMX?

I can see a lot of people getting infected by that ;)

motorbyclist
23-05-2007, 12:14 AM
Might be that it affects Windows users only, in which case there would be a higher chance of people getting infected.

what does that have to do with anything? "it" could be anything, most probably designed for windows machines to achieve maximum effect. the fact you use a mac is by no means an excuse not to take security precautions like patching software, that's like not wearing a seatbelt because you're over 25


i've always wondered what my 25th will be like; who will give me "driving skill" as a present? i think my insurer would, seeing as they hint it in their pricing/age policy, but they won't even give me the full sum insured when my car gets driven into... and i think they forgot mum, or she gave her skill to me for my 15th or something:rolleyes:

winmacguy
23-05-2007, 06:48 AM
what does that have to do with anything? "it" could be anything, most probably designed for windows machines to achieve maximum effect.

Well it does say that it affects ALL systems although there would be more PC users with Open Office than Mac users. That being said, it is much harder to infect a Mac than a PC since infecting a Mac virtually requires you to do it yourself whereas with a PC the system pretty much does it for you.

Note: In the case of this little infection you just get a picture of a woman's legs with fishnet stockings:rolleyes:

FoxyMX
23-05-2007, 08:25 AM
Might be that it affects Windows users only, in which case there would be a higher chance of people getting infected.

That is probably true, mainly because Windows has the security hole and the infection is designed to take advantage of it. Also, with people using Administrator accounts for everyday use it makes it much easier for these malicious apps to run or install themselves. In Mac or Linux you need to be Root before anything will execute.


Note: In the case of this little infection you just get a picture of a woman's legs with fishnet stockings:rolleyes:

And big boots. :p

winmacguy
23-05-2007, 08:30 AM
That is probably true, mainly because Windows has the security hole and the infection is designed to take advantage of it. Also, with people using Administrator accounts for everyday use it makes it much easier for these malicious apps to run or install themselves. In Mac or Linux you need to be Root before anything will execute.


Glad someone else pointed that out.