Thursday, November 29, 2007

Secunia report regarding Apple QuickTime RTSP "Content-Type" Header Buffer Overflow

It's Secunia Weekly Summary day! (Every Thursday afternoon). In today's issue they reported the current QuickTime problem. As is typical of Secunia they blew the problem out of all proportions, saying the problem is 'Extremely critical' simply because it affects an Apple program. Big yawn. Nothing new from them. Nonetheless, I really like their analyses once the FUD is stripped away.

You can read their full report at:

Secunia's (admittedly minimal) advice:

"Do not browse untrusted websites, follow untrusted links, nor open untrusted QTL files."

Trust, trust, trust. It's all about trust.

Just so Mac users don't feel so bad, here are some statistics for you:

1) This past week Secunia collected 193 NEW Windows malware descriptions from anti-malware providers.
(Keep in mind folks that the term 'virus' is very specific to self-replicating malware. Therefore I never use the term unless it does indeed refer to an actual virus as opposed to some other kind of malware).

2) Vulnerabilities for nine Windows applications were reported this week, including two for IBM Lotus notes.

3) The FBI believes over 2.5 MILLION computers have been hacked into botnets. This is known as zombieing. Since 2005 the FBI estimate over $20 million in losses and theft have resulted from botnet activity. Meanwhile, the computer industry, based on studies from Symantec, believe the figure is more like 5 MILLION zombied computers exist. And guess what folks: NOT ONE OF THEM IS A MAC, unless of course they are running Windows. But do keep in mind that every OS in existence has vulnerabilities and you need to be secure with your Mac when it's on the Internet.

4) There is still only one piece of Mac malware in the wild, the so-called 'Porn Trojan'. (HAHAHA!)

5) There weren't any other Mac platform vulnerabilities reported this week.

I know this has a high 'DUH!' factor among the cognoscenti, but for the rest of us: Remember that Windows malware works just as well when you run Windows via BootCamp, Parallels, or VMWare. You REQUIRE anti-malware AND the Windows firewall turned ON (unless of course you run a separate firewall on top of Windows).

Also, if you are sloppy about your WiFi router security, you can get away with it using Mac OS X. But EXPECT to be infected or zombied if you run Windows on your Mac. Therefore:

(A) Password protect your WiFi router with a nasty-difficult-unguessable password.
(B) Password protect you Mac accounts with a nasty....
(C) Turn on and use the best encryption your WiFi router will allow. WEP sucks but is better than nothing. Aim for WPA or WPA2.
(D) If you don't have visitors connection to your WiFi network regularly, use MAC address authentication.
(E) And if you feel comfortable with it, stealth both your WiFi Macs and your router so no one war-driving even knows you're there.

I'll do a rant session on freeware Windows anti-malware apps, WiFi routers and war-driving in future posts.

Share and Enjoy,


No comments:

Post a Comment