Oh by the way, NO VIRUSES FOR MACS. EVER. Reason enough right there.
As Macs get to be more of a common occurrence, there will be more attacks launched on them. Its a game of numbers, the greater the number, the more likely you are to find a way in.
With 4% market share, Apple's got a long way to go before Macs become viable targets for virus writers. Plus, with a base of BSD Unix, Mac OS X *is* actually more secure than Vista.
US Military public web servers run on Mac OS X for a reason...
looking to possibly switch from a windows based system for the home computer. is mac really all that and more? basically for image and video editing. any reccos or pitfalls to avoid would be appreciated.
Gargantuan OS X Update Fixes Almost 100 Security Flaws
18 March, 2008
* These vulnerabilities affect: OS X 10.4.x (Tiger) and OS X 10.5.x (Leopard), both client and server versions
* How an attacker exploits them: Multiple vectors of attack, including enticing one of your users into visiting a URL or web site
* Impact: Various results; in the worst case, attacker executes code on your user's computer, potentially gaining complete of your user's computer
* What to do: OS X administrators should download, test and install Security Update 2008-002
Today, Apple released a security update <http://docs.info.apple.com/article.html?artnum=307562> fixing over 95 (number based on CVE-ID <http://cve.mitre.org/> s) security issues in software packages that ship as part of OS X, including Apache, Preview, and Help Viewer. Some of these vulnerabilities allow attackers to execute any code they choose on your OS X machines, so we rate this update Critical. Apply it as soon as you can. Three of the vulnerabilities fixed include:
* Multiple integer overflow vulnerabilities in AppKit. AppKit is a OS X framework that helps developers implement graphical, event-driven user interfaces. According to Apple, Appkit suffers from integer overflow vulnerabilities <http://en.wikipedia.org/wiki/Integer_overflow> involving the way it parses something called a "serialized property list." By luring one of your users to a maliciously crafted web site, an attacker could exploit these flaws to execute code on your user's computer, with that user's privileges. The attacker could then leverage a separate vulnerability in AppKit -- also described in Apple's alert -- to gain system privilege, thus giving the attacker complete control of that user's Mac.
* Foundation race condition vulnerability. Foundation is an OS X component that helps Safari handle web pages and URL <http://www.watchguard.com/glossary/u.asp#URL> s. According to Apple, Foundation suffers from a complicated race condition vulnerability <http://en.wikipedia.org/wiki/Race_condition> . If an attacker can entice one of your users into visiting a malicious web site, he could exploit this vulnerability to execute code on the user's computer, with that user's privileges. Furthermore, the attacker could then leverage other vulnerabilities described in Apple's alert to elevate privileges <http://www.watchguard.com/glossary/e.asp#elevation> and gain complete control of your user's computer.
* Image Raw buffer overflow vulnerability. Image Raw is a component that allows OS X to handle the various RAW image formats <http://en.wikipedia.org/wiki/Raw_image_format> that some digital cameras support. Image Raw suffers from a buffer overflow vulnerability <http://www.webopedia.com/TERM/b/buffer_overflow.html> involving the way it handles specially malformed Adobe Digital Negative (DNG) image files. By enticing one of your users into viewing a malicious image, an attacker can exploit this flaw to execute code on that user's computer. By default, the attacker would only execute code with that user's privileges. However, he could then leverage another vulnerability -- also described in Apple's alert -- to gain complete control of your user's computer.
Apple's alert includes many, many more flaws, including other code execution flaws in addition to those described above. The remaining vulnerabilities also include Denial of Service (DoS) <http://www.watchguard.com/glossary/d.asp#DoS> flaws, elevation of privilege <http://www.watchguard.com/glossary/e.asp#elevation_of_privilege> flaws, and information disclosure vulnerabilities, plus others. Components patched by this security update include:
pax archive utility
Refer to Apple's alert <http://docs.info.apple.com/article.html?artnum=307562> for more details.
This is a huge update fixing many security vulnerabilities, some of which pose a critical security risk. If you manage OS X machines, we highly recommend you apply this update right away.
Apple has released OS X Security Update 2008-002 to fix all these security issues. OS X administrators should download, test, and deploy Security Update 2008-002 as soon as they can.
* Security Update 2008-002 v1.0 (PPC) <http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=18157&cat=1&platform=osx&method=sa/SecUpd2008-002PPC.dmg>
* Security Update 2008-002 v1.0 (Universal) <http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=18158&cat=1&platform=osx&method=sa/SecUpd2008-002Univ.dmg>
* Security Update 2008-002 v1.0 (Leopard) <http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=18159&cat=1&platform=osx&method=sa/SecUpd2008-002.dmg>
* Security Update 2008-002 v1.0 Server (PPC) <http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=18161&cat=1&platform=osx&method=sa/SecUpdSrvr2008-002PPC.dmg>
* Security Update 2008-002 v1.0 Server (Universal) <http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=18165&cat=1&platform=osx&method=sa/SecUpdSrvr2008-002Univ.dmg>
* Security Update 2008-002 v1.0 Server (Leopard) <http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=18160&cat=1&platform=osx&method=sa/SecUpdSrvr2008-002.dmg>
Note: If you have trouble figuring out which of these patches corresponds to your version of OS X, we recommend you let OS X's Software Update utility pick the correct update for you automatically.
For All Users:
These flaws support diverse exploitation methods. Some of the exploits are local, meaning that your perimeter firewall never encounters the attack (unless you use firewalls internally between departments). Installing these updates, therefore, is the most secure course of action.
Apple released updates to fix these issues.
* Apple's March OS X Advisory <http://docs.info.apple.com/article.html?artnum=307562>
This alert was researched and written by Corey Nachreiner, CISSP.