Apple Computer has released nearly a dozen fixes for flaws in its Mac OS operating system, including a script for preventing phishers from fooling users of its Safari browser.

The script, released Monday, tackles a pernicious phishing problem in browsers. The loophole could allow an attacker to use certain characters from different languages to create legitimate-looking Web addresses that actually send victims to malicious Web sites. The security problem affected all browsers that supported Internationalized Domain Names, or IDN, and is not Apple-specific.

"For example, the Cyrillic letter 'a' could be used in place of the Latin letter 'a,' making it difficult for a user to tell if they are at www.apple.com or a malicious imposter website that's designed to look like the real one," the company said in an advisory discussing the problem. "These sites can be used to collect account numbers, passwords and other personal information."

Other browsers affected by the IDN security issue include the Mozilla Foundation's Mozilla and Firefox, and Opera. Both Mozilla and Opera Software have issued fixes for the problem. Microsoft's Internet Explorer does not support IDN, so it is not vulnerable to such attacks. However, plug-ins that add IDN functionality to Internet Explorer do put it at risk.

The newly released patches take care of flaws in the Apple Filing Protocol server and the Samba filing-sharing server, as well as multiple issues with the Cyrus authentication software, Mailman, SquirrelMail and Cyrus mail software.

The patches can be downloaded from Apple's Web site or automatically installed via Apple's Software Update tool.

Apple has moved to a regular release schedule, publishing fixes every month. The first major company to embrace a monthly patch process was Microsoft, and database maker Oracle has also moved to regular releases, but on a quarterly basis.
Source : http://news.zdnet.com/2100-1009_22-5629084.html

Symantec study warns of more OS X attacks

Security vendor Symantec is warning that Apple's OS X operating system is increasingly becoming a target for hackers and malware authors.

In its seventh bi-annual Internet Security Threat Report, Symantec said over the past year, security researchers had discovered at least 37 serious vulnerabilities in the Mac OS X system. According to Symantec, as Apple increases its market share--with new low cost products such as the Mac mini--its user base is likely to come under increasing attack.

"Contrary to popular belief, the Macintosh operating system has not always been a safe haven from malicious code," Symantec said. "Out of the public eye for some time, it is now clear that the Mac OS is increasingly becoming a target for the malicious activity that is more commonly associated with Microsoft and various Unix-based operating systems," the report said.

"Apple Computer has become a target for new attacks… The appearance of a rootkit109 called Opener in October 2004, serves to illustrate the growth in vulnerability research on the OS X platform… The various OS X vulnerabilities allow attackers to carry out information disclosure, authentication bypass, code execution, privilege escalation, and DoS attacks. Symantec believes that as the popularity of Apple's new platform continues to grow, so too will the number of attacks directed at it," the report said.

Symantec’s concerns were echoed by James Turner, security analyst at Frost & Sullivan Australia, who said many of the people who bought Apple products were not concerned about security, which left them wide open to attack.

"The iPod, PowerBooks and mini Macs are cool products," Turner said. "The by-product is that people are buying these products for form over function. They say it looks pretty and then buy it but don’t secure it. As Apple increases its market share, it will be a legitimate target."

Trend Micro senior systems engineer Adam Biviano said all complex operating systems had security flaws and the more popular the platform, the more likely it would be attacked.

"All sophisticated platforms--Mac, Linux, Solaris or anything else — will have vulnerabilities," Biviano said. "The only reason Windows has had mass exploits written for it is the sheer number of connected devices that are present on most networks. As soon as you start seeing mass deployment of any technology you are going to see exploits."

According to Biviano, while there have not been any mass outbreaks of viruses targeting the Mac, the potential does exist. "You don’t see Macintosh viruses in mass outbreaks but you do see them in the labs as proof of concepts. There aren't any outbreaks because there are simply are not enough [Macs] out there. For a virus to be successful it needs a combination of an exploit and a large target audience," said Biviano, who nominated the mobile phone market as an example of malware writers targeting the most popular platform, not Microsoft’s platform.

"Look at where mobile viruses are going and they are not targeting Microsoft--they are targeting the market leader, which is Symbian," he said. The Symantec report found in the second half of last year, an increasing proportion of malware was designed to expose confidential information. The report also found that phishing attacks increased by 366 percent while the number of Windows-based worms and viruses increased by 64 percent, when compared to the first half of 2004.
Source : http://news.zdnet.com/2100-9590_22-5628665.html