A tasty assortment of links on the recent security excitment, which also affects Mail.app.

Well-done

Secunia rates the Safari vulnerability as “extremely critical”, a rating the company gives when “successful exploitation does not normally require any interaction and exploits are in the wild.” Secunia is a provider of IT-security services.

Anti-virus company Intego has analysed the Leap-A (”Oompa-Loompa”) Trojan horse. After exhaustive testing, the company reported that “the best protection against this Trojan horse and its variants is Intego VirusBarrier X4″. CEO Laurent Marteau says, “it is clear that antivirus software on a Macintosh computer is as essential as wearing a seat belt in a car”.

Medium

ZDNet Australia carries an interview with Paul Ducklin, Sophos’ Asia-Pacific head of technology. ” “There is not a clear and present danger like there is with Windows but the same risks apply”, he says.

Eric Bangeman on Ars Technica thinks that “the malware may be less destructive, more difficult to find, and less prevalent than on other platforms. But it’s there, and it’s not going to go away.”

Medium-rare

At Wired, Leander Kahney is keeping his cool: “These Mac security holes are a storm in a teacup,” he says.

The Daring Fireball puts it all in perspective. John Gruber writes: “It boils down to this: you can’t safely double-click files from untrusted sources, and you never could. This is no different today on Mac OS X 10.4 than it was a decade ago on Mac OS 8 and 9.”

Stephan Schwab is also fairly relaxed: “Of course this unwanted interference is annoying and it’s far better to let the user decide when to execute something, but it’s not a security threat of any magnitude.”

Tags: Apple, exploits, Mac OS X, Safari, scripts, security, Trojan horse, virus

Related posts

• Ubuntu switcher takes a step back to Mac
• Security Bug back for Leopard Mail
• More security flaws in Mac OSX
• Mail.app too dangerous to use?
• Mail and Safari patched

This entry was posted on Thursday, February 23rd, 2006 at 12:06 am and is filed under Apple, Apple Mail. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.