7 replies to this topic

[Lewis]

Growing List of Security Threats to Mac OS X Lion

Long gone are the days when Apple lovers could take pride in their virus-free Macs while snickering at PC owners' constant worries about security. Apple's brand new Mac OS X Lion operating system is already acquiring an unhealthy list of reported vulnerabilities less than a week after its official release.

Some Lion vulnerabilities are carry-overs from Snow Leopard, like the "Mac Defender" class of scareware that first surfaced in May. Apple's recent software update to prep Macs running Snow Leopard for Lion installation includes identification and removal of known variants of the malware.

Like Mac Defender, another newly identified OS X threat called the Olyx backdoor appears to be a variant of Microsoft Windows-targeting malware that's simply been tweaked to go after Macs.

Researchers say the remote-controlled Trojan application resembles 2009's GhostNet malware, a threat to Windows-based PCs. And as with the various strains of Mac Defender, some of the most knowledgeable and quickest responses to this latest backdoor threat are coming from Apple's longtime rival Microsoft.

Another threat to Lion (and earlier versions of OS X) that's been identified by password recovery software vendor Passware is a vulnerability that enables passwords to be recovered from Macs via Firewire's use of Direct Memory Access (DMA). Yet another is a laptop battery chip vulnerability—that doesn't appear to have been addressed in any OS X 10.7 updates as of yet—which security researcher Charles Miller of Accuvant Labs says can be exploited to "brick" batteries in several Apple laptops.

Apple's success at gaining market share for OS X (not to mention its leadership in mobile operating systems with iOS) has clearly not come without a cost—whereas malware developers generally ignored Macs when they made up a fraction of the market, now they have every reason to target Apple.

[Lewis]

It was just a matter of time.

[Man'n'Black-4xp]

HA! Fell your high horse hey MAC?
Welcome to the fray...LoL

[jram]

Ask yourself this, do you know any Mac users that have had a malware problem ? Do you know any Windows users that have ? All Mac malware has to be installed by the user..

Quote

Passware is a vulnerability that enables passwords to be recovered from Macs via Firewire's use of Direct Memory Access (DMA)

A user must have physical access to the target Mac device, get real lol

[Lewis]

Hey J RAM how much do you use your Windows 7 ?

[jram]

About half the time, I like 7..

[Man'n'Black-4xp]

Quote

All Mac malware has to be installed by the user..

This may be true JRAM and people like you {and Fran} may be smart enough to avoid pitfalls, but the general masses are more 'click happy' than smart.

[jram]

There is always someone that will click on something they shouldn't, but most know better. Here is a example, say I needed a codec for Quicktime or even Media player, I would go to the website and download it, click on the installer and it would install. If I was on some site and a popup said to watch this movie you need a certain codec, if the user downloaded that codec and clicked on the installer and it was a Trojan, there would be something trying to change the system, thus a box would popup and you would have to put in your password before you could install it. Nothing is fool proof, there has been social engineering malware for the Mac forever, you just didn't hear about it to much, now with more Mac's in use the AV companies can smell the money, many of these scares are just scares and nothing more.. With that said, if a Windows user downloaded the same codec, if the AV didn't catch it, they would be infected.. I feel just as safe on Windows 7 as I do on my Mac, common sense goes a long way in preventing infection.. We have something most don't, we have Broni, he's the best.