- home
- reviews
- news
- downloads
- cnet tv
On The Insider: Britney's Bikini-Clad Top 10
- log in
- join CNET
- welcome,
- my profile
- log out

May 12, 2006 2:19 PM PDT

Apple flaws put both Macs and PCs at risk

By Joris Evers
Staff Writer, CNET News

162 comments

Related Stories: Unpatched Mac flaws may put users at risk
April 21, 2006; Apple issues Java security update
April 19, 2006; One more update to Apple patch
March 17, 2006; Tribble on Apple's security troubles
March 15, 2006; Apple corrects patch trouble
March 13, 2006; Another Mac OS X hack challenge launched
March 7, 2006; Mac OS X patch faces scrutiny
March 7, 2006; Apple patches serious Mac OS flaws
March 1, 2006; Mac OS flaw exposes Apple users
February 21, 2006

Serious flaws in Mac OS X and QuickTime software could put Macintosh and Windows systems at risk of cyberattack, Apple Computer has warned.

In a pair of security alerts released Thursday, Apple outlined 31 flaws that affect various versions of the operating system and a dozen vulnerabilities in its QuickTime media player software. Security experts have deemed the issues "critical," but Apple does not provide a severity rating. Fixes are available.

The Mac OS X vulnerabilities lie in various components of the operating system and affect both the server and client versions, Apple said in an advisory. An attack could be launched using some of the bugs by creating a malformed file, or by building a malicious Web site and enticing someone to visit it, the company said.

"These flaws could be exploited by attackers to execute arbitrary commands, bypass security restrictions, disclose sensitive information or cause a denial of service," the French Security Incident Response Team, a security-monitoring company, said in an advisory.

The patches indicate that Apple is having a hard time completely resolving a security flaw that surfaced earlier this year. They fix an issue in the "download validation" function, a feature designed to protect Mac users from installing harmful code from a malicious Web site or e-mail--a risk more familiar to Windows users.

Apple added the function in a security update released in early March. Two weeks later, it issued another update to fix some problems with the feature. Thursday's fix tackles another issue: the download validation may be bypassed if a file has a long name, Apple said.

Critics have argued that the download validation function is not enough to address the installation risk, and that Apple needs to correct the problem at a lower level in the operating system.

The QuickTime flaws put both Mac OS X and Windows computers at risk of compromise. All of the vulnerabilities exist because of errors in the way the media player software handles certain files. Specially crafted files in certain media formats--including JPEG, QuickTime, Flash, MPEG4 and AVI--could allow an intruder to hijack a vulnerable system, Apple said in an advisory.

Apple's security update 2006-003 for Mac OS X and the QuickTime patch can be downloaded and installed via Software Update preferences or from the Apple Downloads Web site.

See more CNET content tagged:
Apple QuickTime, Apple Computer, flaw, advisory, Apple Mac OS

Add a Comment (Log in or register) Showing 1 of 3 pages (162 Comments)

Preventative Maintenace

by SeaMoose77 May 12, 2006 2:54 PM PDT

no issues have been found, excpet those that Apple found, this is just preventative maintenace... Nice to see that Apple has addressed these issues in a timely fashion.

Like this Reply to this comment

exactly
by kxmmxk May 12, 2006 3:06 PM PDT: Very true. And note how the title on the main page for this article is slightly changed to make it as inflammatory as possible.; Like this

Apple
by fakespam May 13, 2006 10:36 PM PDT: Apple finds the flaws, fixes them. M$ finds the flaws way later, then maybe, just maybe, they'll fix 'em. Strange.; Like this View reply Hide reply
Processing

Preventative Maintenace

by SeaMoose77 May 12, 2006 2:54 PM PDT

no issues have been found, excpet those that Apple found, this is just preventative maintenace... Nice to see that Apple has addressed these issues in a timely fashion.

Like this Reply to this comment

exactly
by kxmmxk May 12, 2006 3:06 PM PDT: Very true. And note how the title on the main page for this article is slightly changed to make it as inflammatory as possible.; Like this

Apple
by fakespam May 13, 2006 10:36 PM PDT: Apple finds the flaws, fixes them. M$ finds the flaws way later, then maybe, just maybe, they'll fix 'em. Strange.; Like this View reply Hide reply
Processing

Bit ironic

by panazule May 12, 2006 3:17 PM PDT

After seeing Apple's idiotic commercial going on about how there is no Virus problem on the Apple this is kind of ironic. What Apple and their users fail to understand is that there is no virus's solely because there is harldy any interest in the platform so noone bothers to write viruses and trojans and so on for the mac. Rest assured that if OS X becomes popular, whether it be because of Windows support or whatever, there will be many virus's popping up for it. They say lack of virus's shows their a superior system but to the rest of the world it's just looked at as sad because noone cares enough to even exploit the dying OS.

Like this Reply to this comment

Almost...
by tcarreon May 12, 2006 3:26 PM PDT: The ad you cite does not say the mac is impervious to a virus, only that there were not 114,000 known viruses for the mac last year. I agree the reason there are not 114,000+ viruses for the Mac is not soley because the OS is not vulnerable, but at the same time, security measures currently in place (limited user privilege at run-time, for instance) make it harder for a virus to propogate across OS X systems compared to Windows systems. Otherwise, why would Microsoft be implementing a similar-style mechanism in Vista (UAP)?; Like this

To: The Plea-to-Ignorance Crowd
by SNGecko May 12, 2006 3:32 PM PDT: There exist flaws in the Mac OS X operating system. There exist flaws in the Microsoft Windows operating system. To argue by implication that if Mac OS X was as popular as Windows is now, it would suffer the same virus/worm-ridden and neglected fate, possesses no logical validity. Like many so-called "intelligence failures," we cannot secure ourselves from all we do not know (i.e., an infinite set). I am interested in how that multi-thousand-dollar prize for the first in-the-wild Mac virus is going? Certainly virus-writers could do with a few extra thousand dollars. It's been going for a long time.; Like this View all 2 replies Hide replies
Processing

*yawn*
by pmardones May 13, 2006 5:08 AM PDT: "What Apple and their users fail to understand is that there is no virus's solely because there is harldy any interest in the platform so noone bothers to write viruses and trojans and so on for the mac." If I had a dollar for every time I've read/heard this argument... Whatever, man. Moving on...; Like this View reply Hide reply
Processing

LOL
by open-mind May 13, 2006 8:49 AM PDT: Nobody has interest in that platform ... it's written every day. Nobody eats at that restaurant ... it's way too crowded. Thanks for the laugh.; Like this

Bit ironic

by panazule May 12, 2006 3:17 PM PDT

Like this Reply to this comment

Almost...
by tcarreon May 12, 2006 3:26 PM PDT: The ad you cite does not say the mac is impervious to a virus, only that there were not 114,000 known viruses for the mac last year. I agree the reason there are not 114,000+ viruses for the Mac is not soley because the OS is not vulnerable, but at the same time, security measures currently in place (limited user privilege at run-time, for instance) make it harder for a virus to propogate across OS X systems compared to Windows systems. Otherwise, why would Microsoft be implementing a similar-style mechanism in Vista (UAP)?; Like this

To: The Plea-to-Ignorance Crowd
by SNGecko May 12, 2006 3:32 PM PDT: There exist flaws in the Mac OS X operating system. There exist flaws in the Microsoft Windows operating system. To argue by implication that if Mac OS X was as popular as Windows is now, it would suffer the same virus/worm-ridden and neglected fate, possesses no logical validity. Like many so-called "intelligence failures," we cannot secure ourselves from all we do not know (i.e., an infinite set). I am interested in how that multi-thousand-dollar prize for the first in-the-wild Mac virus is going? Certainly virus-writers could do with a few extra thousand dollars. It's been going for a long time.; Like this View all 2 replies Hide replies
Processing

*yawn*
by pmardones May 13, 2006 5:08 AM PDT: "What Apple and their users fail to understand is that there is no virus's solely because there is harldy any interest in the platform so noone bothers to write viruses and trojans and so on for the mac." If I had a dollar for every time I've read/heard this argument... Whatever, man. Moving on...; Like this View reply Hide reply
Processing

LOL
by open-mind May 13, 2006 8:49 AM PDT: Nobody has interest in that platform ... it's written every day. Nobody eats at that restaurant ... it's way too crowded. Thanks for the laugh.; Like this

funny...
by robot999 May 12, 2006 3:30 PM PDT: They are quick to say how bad these "flaws" are, but don't bother to mention that none (that i've read about) have actually been exploited. This whole article seem very anti-apple. Surprising from C/net.; Like this Reply to this comment

funny...
by robot999 May 12, 2006 3:30 PM PDT: They are quick to say how bad these "flaws" are, but don't bother to mention that none (that i've read about) have actually been exploited. This whole article seem very anti-apple. Surprising from C/net.; Like this Reply to this comment

Worst bias ever....

by shralpmeister May 12, 2006 3:43 PM PDT

I am really tired of C'Net's anti-Apple bias. This headline has to be the worst I've seen. In the interest of objectivity you'll have to announce every Windows update as WINDOWS FLAWS PUT PCS, MACS AND HELPLESS SENIOR CITIZENS AT RISK. C'Net is a worthless mouthpiece for the WinTel hedgemoney. You and any of your socalled journalists should be ashamed of yourselves.

Like this Reply to this comment

okay
by Michael Vasovski May 12, 2006 4:51 PM PDT: As opposed to the MacTel homogeny? It's not like the Apple elitist fanatics aren't asking for it. Somehow the Apple spinsters have managed to convince their patrons that they all think on a higher plane or are, in some way, superior to the 'average' Windows home user. The reality being that you just payed $3,000 for a computer w/ a $150 video card, bought into their BLOWN-out-of-proportion specs for their awesome Intel processors -remember, Intel 'used to suck', and will probably, in short order, be wearing the white, Apple logo sticker on your rear window... Point is: Nothing is perfect. Try to convince yourself as you may, your Mac OS is not bulletproof. Someone will crack it, just like they will with Vista -although Vista will present a much more lucrative target and will therefore get more attention and resources. You represent a smaller number. And will get less attention for it. But don't go around thinking that you've got a better number. You're in a smaller crowd. So you can consider yourself more infrequent or rare. But not better. So drop the attitude and tell your brothers and sisters at Apple iChurch on Sunday to pull their heads out, realize their computers for what they are, and quit buying into the hype... By the way, with 95% of the home market, Microsoft doesn't need a 'worthless mouthpiece'.; Like this

but you are reading it
by gggg sssss May 12, 2006 7:33 PM PDT: so how worthless can it be?; Like this

Bias?
by Hernys May 13, 2006 12:58 AM PDT: I've seen the Windows title you mention (Windows Flaws put PCs at risk) every time there's a Windows fix (and that's almost monthly). So I don't see any bias here. They are just doing for Apple what they routinely do for Windows (and before you make some witty comment about the number of times this happens for Windows, read Apple's announcement and see how many vulnerabilities they are fixing this time).; Like this

Only in your own mind...
by Maelstorm May 15, 2006 1:15 PM PDT: "I am really tired of C'Net's anti-Apple bias." They seem pretty fair to me. "This headline has to be the worst I've seen." The worst headline? Hardly. It's ment to draw attention to an very important issue dealing with software. "In the interest of objectivity you'll have to announce every Windows update as WINDOWS FLAWS PUT PCS, MACS AND HELPLESS SENIOR CITIZENS AT RISK." Why? Microsoft knows about their problems as do their users. Plus Microsoft autopatches everything on a monthly basis anyways. What about your Mac? "C'Net is a worthless mouthpiece for the WinTel hedgemoney." Such as the MacIntel lockin? Don't make me laugh. You are a worthless mouthpiece for Apple. It seems that people like you who buy into Steve Jobs's vision of how the world is have a really bad case of HUA Syndrome. I'll let you figure out the meaning of that acronym. Considering all the different hardware configurations that are out there, Windows does pretty freaking good despite all it's faults. What you fail to realize is the fact that all software (Microsoft, Apple, Open Source, etc) has bugs in it. Even OpenBSD, which is the most secure OS on the planet, has faults. Why do you think that Steve Jobs won't let Mac OSX run on standard PC hardware? Because he want's total control over the hardware, the software, and your life. Bill Gates just wants to control the software, and he does. The pirmary reason why I went with Windows was hardware versatility. I also run FreeBSD systems too. As another reader posted...."With 95% of the home market, Microsoft doesn't need a 'worthless mouthpeice'." "You and any of your socalled journalists should be ashamed of yourselves." And you should be ashamed of yourself for writing such a worthless post in a public forum. Your useless contribution to humanity is not wanted or needed.; Like this

Worst bias ever....

by shralpmeister May 12, 2006 3:43 PM PDT

Like this Reply to this comment

okay
by Michael Vasovski May 12, 2006 4:51 PM PDT: As opposed to the MacTel homogeny? It's not like the Apple elitist fanatics aren't asking for it. Somehow the Apple spinsters have managed to convince their patrons that they all think on a higher plane or are, in some way, superior to the 'average' Windows home user. The reality being that you just payed $3,000 for a computer w/ a $150 video card, bought into their BLOWN-out-of-proportion specs for their awesome Intel processors -remember, Intel 'used to suck', and will probably, in short order, be wearing the white, Apple logo sticker on your rear window... Point is: Nothing is perfect. Try to convince yourself as you may, your Mac OS is not bulletproof. Someone will crack it, just like they will with Vista -although Vista will present a much more lucrative target and will therefore get more attention and resources. You represent a smaller number. And will get less attention for it. But don't go around thinking that you've got a better number. You're in a smaller crowd. So you can consider yourself more infrequent or rare. But not better. So drop the attitude and tell your brothers and sisters at Apple iChurch on Sunday to pull their heads out, realize their computers for what they are, and quit buying into the hype... By the way, with 95% of the home market, Microsoft doesn't need a 'worthless mouthpiece'.; Like this

but you are reading it
by gggg sssss May 12, 2006 7:33 PM PDT: so how worthless can it be?; Like this

Bias?
by Hernys May 13, 2006 12:58 AM PDT: I've seen the Windows title you mention (Windows Flaws put PCs at risk) every time there's a Windows fix (and that's almost monthly). So I don't see any bias here. They are just doing for Apple what they routinely do for Windows (and before you make some witty comment about the number of times this happens for Windows, read Apple's announcement and see how many vulnerabilities they are fixing this time).; Like this

Only in your own mind...
by Maelstorm May 15, 2006 1:15 PM PDT: "I am really tired of C'Net's anti-Apple bias." They seem pretty fair to me. "This headline has to be the worst I've seen." The worst headline? Hardly. It's ment to draw attention to an very important issue dealing with software. "In the interest of objectivity you'll have to announce every Windows update as WINDOWS FLAWS PUT PCS, MACS AND HELPLESS SENIOR CITIZENS AT RISK." Why? Microsoft knows about their problems as do their users. Plus Microsoft autopatches everything on a monthly basis anyways. What about your Mac? "C'Net is a worthless mouthpiece for the WinTel hedgemoney." Such as the MacIntel lockin? Don't make me laugh. You are a worthless mouthpiece for Apple. It seems that people like you who buy into Steve Jobs's vision of how the world is have a really bad case of HUA Syndrome. I'll let you figure out the meaning of that acronym. Considering all the different hardware configurations that are out there, Windows does pretty freaking good despite all it's faults. What you fail to realize is the fact that all software (Microsoft, Apple, Open Source, etc) has bugs in it. Even OpenBSD, which is the most secure OS on the planet, has faults. Why do you think that Steve Jobs won't let Mac OSX run on standard PC hardware? Because he want's total control over the hardware, the software, and your life. Bill Gates just wants to control the software, and he does. The pirmary reason why I went with Windows was hardware versatility. I also run FreeBSD systems too. As another reader posted...."With 95% of the home market, Microsoft doesn't need a 'worthless mouthpeice'." "You and any of your socalled journalists should be ashamed of yourselves." And you should be ashamed of yourself for writing such a worthless post in a public forum. Your useless contribution to humanity is not wanted or needed.; Like this

Lust for page views spurs really badly distorted article (again)
by M C May 12, 2006 3:45 PM PDT: Apple issued system updates. Because they actually fix something, CNet goes with the FUD headline. Keep raking the muck, News.com.; Like this Reply to this comment

Lust for page views spurs really badly distorted article (again)
by M C May 12, 2006 3:45 PM PDT: Apple issued system updates. Because they actually fix something, CNet goes with the FUD headline. Keep raking the muck, News.com.; Like this Reply to this comment

Blown out of proportion

by Lance K Wig May 12, 2006 3:55 PM PDT

All these articles are popping up all over the net about how the Mac is just as much at risk for viruses as Windows. Someone needs money. All the anti-virus firms were pretty upset when they lost sales of Mac anti-virus software. After realizing how solid Mac OS X was, a lot of Mac owners just stopped buying it. Wouldn't it be nice to blow the fear up so they can sell more? NOTHING SELLS BETTER THAN FEAR The PC Mafia has had a stranglehold on the market for some time. They've gotten lazy and I dare say, a little afraid of what Apple has up it's sleeve. What better method of staying on top than accentuate the vulnerabilities of the competition. OS X is built on UNIX and that is harder to crack than Windows as another reader pointed out. Why do you thinks banks and governments run UNIX? Many of the super user features on a Mac are locked by default. I seriously don't believe that the Mac is equally as vulnerable as Windows. It think it much more fair to say that there are some viruses for the Mac and they squash those pretty quickly.

Like this Reply to this comment

the facts
by Maverick18x May 13, 2006 3:32 PM PDT: "I think it much more fair to say that there are some viruses for the Mac and they squash those pretty quickly." The facts: There have been two pieces of malware ever written for Mac OS X. Two. Neither successfully self propagated using the internet. (I believe one was bluetooth. What a joke.) Current Mac virus count: 0. Not saying it can't be done, just that it hasn't been done in the 6 years OS X has been on the Mac.; Like this

Blown out of proportion

by Lance K Wig May 12, 2006 3:55 PM PDT

Like this Reply to this comment

the facts
by Maverick18x May 13, 2006 3:32 PM PDT: "I think it much more fair to say that there are some viruses for the Mac and they squash those pretty quickly." The facts: There have been two pieces of malware ever written for Mac OS X. Two. Neither successfully self propagated using the internet. (I believe one was bluetooth. What a joke.) Current Mac virus count: 0. Not saying it can't be done, just that it hasn't been done in the 6 years OS X has been on the Mac.; Like this

Mac viruses?!? Let's put this in perspective...

by Dru richman May 12, 2006 4:03 PM PDT

Walt Mossberg, 'one of the most respected technology experts on the planet' wrote: There is no sudden security crisis on the Apple Macintosh platform. In fact, for average Mac users, there isn't a security threat of any significance, at least not yet. It is laughable to compare the real, massive and burdensome security problems on Windows with the largely theoretical security problem on the Mac. As I have said in the past, no operating system is invulnerable to attack, including Apple's Mac OS X operating system, which powers Macintosh computers. It is possible to write malicious software for the Mac, including viruses and spyware, and it is possible for this software to spread in the wild, infecting many Macs. However, despite what you may have heard, this hasn't happened to any degree that matters, yet. As of today, there have been exactly two documented, successful pieces of malicious software -- viruses, trojan horses, worms -- that affected users of the Mac OS X operating system, since it was released in 2001. And these two failed to spread much, affecting probably a few dozen people, and doing no harm. I expect there to be a small number of additional Mac viruses this year. By contrast, there are over 100,000 reported viruses for Windows, some of which have affected millions of people and have done significant economic damage. As for spyware, I know of no documented cases on Mac OS X, while there are certainly thousands on Windows. These Windows viruses and spyware can't run on the Mac operating system, even on Macs powered by the same Intel processors used by Windows PCs. The recent publicity concerns theoretical vulnerabilities that security firms have identified in Apple's operating system. These vulnerabilities, like similar vulnerabilities in Windows, aren't necessarily being exploited. Like Microsoft, Apple fixes vulnerabilities as they are identified. But some critics say Apple does this too slowly. Security firms are saying that the discovery of these vulnerabilities in the Mac has increased sharply lately. They say that based on past patterns, this should yield a sharp increase in the number of Mac viruses in coming years. But even a "sharp" increase could well mean under 50 viruses by 2008. So my advice to Mac users is that at the moment, I see no reason to buy and run security software, which is in itself costly and can degrade your computing experience. But you should make up your own mind, based on your tolerance for risk. Here's a test you can use. Imagine you live in a neighborhood that has suffered only a couple of ambiguous, harmless burglaries over five years, even though the neighborhood is surrounded by much higher-crime areas. If you would buy a burglar alarm in such a neighborhood, then buy Mac security software. Otherwise, don't. Just turn on Apple's built-in firewall and relax. There is one exception: If you are running Windows on one of the new Intel Macs, you are just like a Windows user, and you must run Windows security programs when using Windows.

Like this Reply to this comment

They aren't talking about viruses
by Jackson Cracker May 12, 2006 6:19 PM PDT: Try reading the article next time. It mentions simple data files, like a JPEG image someone might download.; Like this View reply Hide reply
Processing

Correction...
by RideMan May 14, 2006 6:58 PM PDT: "There is one exception: If you are running Windows on one of the new Intel Macs, you are just like a Windows user, and you must run Windows security programs when using Windows." Correction: If you are running Windows on one of the new Intel Macs, you ARE a Windows user, and you must run Windows security programs when using Windows.; Like this

Mac viruses?!? Let's put this in perspective...

by Dru richman May 12, 2006 4:03 PM PDT

Like this Reply to this comment

They aren't talking about viruses
by Jackson Cracker May 12, 2006 6:19 PM PDT: Try reading the article next time. It mentions simple data files, like a JPEG image someone might download.; Like this View reply Hide reply
Processing

Correction...
by RideMan May 14, 2006 6:58 PM PDT: "There is one exception: If you are running Windows on one of the new Intel Macs, you are just like a Windows user, and you must run Windows security programs when using Windows." Correction: If you are running Windows on one of the new Intel Macs, you ARE a Windows user, and you must run Windows security programs when using Windows.; Like this

You call yourself a writer?

by nerdngeek May 12, 2006 4:08 PM PDT

Joris Evers sounds more like a made up name by the CNET staff... What did you guys do? Write some script that auto-posts anti-apple JUNK on your C-Net website? (if you did, that's very cleaver... oh - oh, maybe I gave you an idea - ). This is REALLY one of the worst one sided articles I have ever read in my life. You guys should be ashamed! I'm not an apple fan-boy or whatever, I just started using Mac OS X a few months ago and don't even own an iPod... I have to say that OS X and Win XP are not on the same category... For people who DON'T KNOW! (aka - ignorant people), OS X is a much superior operating system without a doubt. I have been runnig my machine for 7 months. Not a freeze on sight, not a spyware, virus, malware, etc... AND don't give me the quick-way-out response that: "oh, there is no one using Macs anyways, that's why there are not viruses".. think again. I was just at a technology conference last week and I saw nothing but macs (this was no mac convention btw) Back to the subject... Bad article, don't quit your day job.

Like this Reply to this comment

so silly
by slaha11 May 13, 2006 2:23 AM PDT: why u guys are so offensive when somebody writes a virus for Mac? Just bcos Mac is used by a handful ppl, there is no virus. Bcos if i am a virus programmer, i would like to target maximum ppl, bcos that makes sense. Do u think that ppl out there dont know how to write virus/worm for Mac? If u think that, u r more than stupid! This is just the beginning... and it wont take mush days that ur Mac is affected by virus... wait and see. and then again come back and post message. Till then enjoy being minority!; Like this

Why so defensive?
by ScottMo May 13, 2006 2:43 AM PDT: <This is REALLY one of the worst one sided articles I have ever read in my life. You guys should be ashamed! I'm not an apple fan-boy or whatever, I just started using Mac OS X a few months ago > One sided? What side is that? Those that are against compromised computers? And, sorry to say, you a fan-boy. You did what ALL fan-boys do: 1) Attack the messager ("Bad article, don't quit your day job.") 2) State that your favorite is obviously vastly better (",,OS X is a much superior operating system without a doubt") than all others; 3) Claim the publication hates your favotite ("..auto-posts anti-apple JUNK on your C-Net website") 4) Claim that those who don't agree with you are blind in some way ("...For people who DON'T KNOW! (aka - ignorant people)...") Its really sad how some fanboys can't see that all OS are exploitable (certainly some more than others) but can't see the positives in the OS company releasing updates to close off exploits. Or in a software company releasing patches for a media player. For the record, I have WindowsXP, Windows 2000, Linux (PC Linux OS) and Mac OSX (G5) in my home / office. They all have their strenghts/weaknesses.; Like this

You call yourself a writer?

by nerdngeek May 12, 2006 4:08 PM PDT

Like this Reply to this comment

so silly
by slaha11 May 13, 2006 2:23 AM PDT: why u guys are so offensive when somebody writes a virus for Mac? Just bcos Mac is used by a handful ppl, there is no virus. Bcos if i am a virus programmer, i would like to target maximum ppl, bcos that makes sense. Do u think that ppl out there dont know how to write virus/worm for Mac? If u think that, u r more than stupid! This is just the beginning... and it wont take mush days that ur Mac is affected by virus... wait and see. and then again come back and post message. Till then enjoy being minority!; Like this

Why so defensive?
by ScottMo May 13, 2006 2:43 AM PDT: <This is REALLY one of the worst one sided articles I have ever read in my life. You guys should be ashamed! I'm not an apple fan-boy or whatever, I just started using Mac OS X a few months ago > One sided? What side is that? Those that are against compromised computers? And, sorry to say, you a fan-boy. You did what ALL fan-boys do: 1) Attack the messager ("Bad article, don't quit your day job.") 2) State that your favorite is obviously vastly better (",,OS X is a much superior operating system without a doubt") than all others; 3) Claim the publication hates your favotite ("..auto-posts anti-apple JUNK on your C-Net website") 4) Claim that those who don't agree with you are blind in some way ("...For people who DON'T KNOW! (aka - ignorant people)...") Its really sad how some fanboys can't see that all OS are exploitable (certainly some more than others) but can't see the positives in the OS company releasing updates to close off exploits. Or in a software company releasing patches for a media player. For the record, I have WindowsXP, Windows 2000, Linux (PC Linux OS) and Mac OSX (G5) in my home / office. They all have their strenghts/weaknesses.; Like this

Come on Joris...
by Terry Murphy May 12, 2006 6:35 PM PDT: I'm not going to make the charge of anti-mac bias, because this is simply really bad journalism regardless. Among the many errors in this article: "All of the vulnerabilities exist because of errors in the way the media player software handles certain files. Specially crafted files in certain media formats--including JPEG, QuickTime, Flash, MPEG4 and AVI--could allow an intruder to hijack a vulnerable system, Apple said in an advisory." In fact, Apple said no such thing in its advisory. What it did say that the maliciously crafted files - in many cases corrupt files - could cause an "application crash" or "arbitrary code execution" You seem to have misconstrued the execution of arbitrary code as tantamount to successfully hijacking a vulnerable system. Among other things, that presupposes the target, intent, and capability of the code string, and also ignores other security measures at the OS level designed to prevent the system from being "hijacked" in the first place by an intruder. "Apple added the [download validation] function in a security update released in early March." In fact, download validation has been a feature of OS X since at least the introduction of Tiger. The security update you referenced modified the function so it would be more robust in validating downloaded files. I don't mind articles that sound an alarmist tone in order to get the attention of users who should patch their installation. But frankly Joris, your scribblings regarding Apple, OS X, and security are frightfully amateurish. I look forward to greater care on your part when you research your next article pertaining to Apple and security.; Like this Reply to this comment

Come on Joris...
by Terry Murphy May 12, 2006 6:35 PM PDT: I'm not going to make the charge of anti-mac bias, because this is simply really bad journalism regardless. Among the many errors in this article: "All of the vulnerabilities exist because of errors in the way the media player software handles certain files. Specially crafted files in certain media formats--including JPEG, QuickTime, Flash, MPEG4 and AVI--could allow an intruder to hijack a vulnerable system, Apple said in an advisory." In fact, Apple said no such thing in its advisory. What it did say that the maliciously crafted files - in many cases corrupt files - could cause an "application crash" or "arbitrary code execution" You seem to have misconstrued the execution of arbitrary code as tantamount to successfully hijacking a vulnerable system. Among other things, that presupposes the target, intent, and capability of the code string, and also ignores other security measures at the OS level designed to prevent the system from being "hijacked" in the first place by an intruder. "Apple added the [download validation] function in a security update released in early March." In fact, download validation has been a feature of OS X since at least the introduction of Tiger. The security update you referenced modified the function so it would be more robust in validating downloaded files. I don't mind articles that sound an alarmist tone in order to get the attention of users who should patch their installation. But frankly Joris, your scribblings regarding Apple, OS X, and security are frightfully amateurish. I look forward to greater care on your part when you research your next article pertaining to Apple and security.; Like this Reply to this comment

Nothing New on the PC side of things.
by ServedUp May 12, 2006 8:06 PM PDT: I'm sure that can be remedied quickly. Again nothing new on the PC side of things. I'm sure their use to it already.; Like this Reply to this comment

Nothing New on the PC side of things.
by ServedUp May 12, 2006 8:06 PM PDT: I'm sure that can be remedied quickly. Again nothing new on the PC side of things. I'm sure their use to it already.; Like this Reply to this comment

Showing 1 of 3 pages (162 Comments)

Latest tech news headlines

Micron to buy Numonyx for $1.27 billion
Posted in Nanotech - The Circuits Blog by Brooke Crothers

February 9, 2010 8:35 PM PST
Rafe and Josh debate Google's Buzz
Posted in Webware by Rafe Needleman, Josh Lowensohn

February 9, 2010 6:10 PM PST
YouTube's traffic data for music questioned
Posted in Media Maverick by Greg Sandoval

February 9, 2010 5:07 PM PST
See all headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Markets: Market news, charts, SEC filings, and more; Related quotes; Microsoft (1.05%) 0.29 28.01; Apple (1.07%) 2.07 196.19; Dow Jones Industrials (1.52%) 150.25 10,058.64; S&P 500 (1.30%) 13.78 1,070.52; NASDAQ (1.17%) 24.82 2,150.87; CNET TECH (1.12%) 16.96 1,524.71

Inside CNET News

Scroll Left Scroll Right

Nanotech - The Circuits Blog
Micron to buy Numonyx for $1.27 billion
One of the world's largest flash memory makers agrees to be acquired by Micron Technology in a deal worth approximately $1.27 billion.
Gallery
Images: Stewart Butterfield's new gaming start-up
Software, Interrupted
Big IT vendors overcomplicating the cloud
CA and NetApp have joined together on cloud offerings. But are they missing the point of simplifying enterprise IT?
Beyond Binary
Olympic snow still in short supply at Cypress
Olympic organizers have now shortened training, stepped up trucking of snow, and even turned to adding dry ice to the mix to make sure the venue is ready for the start of the Games.
Video
CNET first look at Google Buzz
Media Maverick
YouTube's traffic data for music questioned
The number of visitors to Warner Music Group's YouTube videos doubled in January and outpaced the much larger Vevo. But those numbers are now being questioned.
Video
Apple iPad: Is it for you?
The Social
Brangelina kiss lands Paul Allen on TMZ
The Microsoft co-founder appears to have gotten chummy with the Hollywood power couple, even chilling with them in the same box at the Super Bowl last weekend.
Crave
Intel taps student's robot for processor demo
University of Arizona engineering student creates a six-legged Atom-powered bot that can "learn" to walk on its own, and Intel brings it along on the company road show.
Gallery
Next-generation 747 takes first air (photos)
Crave
Panasonic updates 3-chip camcorders
Though Panasonic's replacements for its 300 series' models have relatively minor updates, they seem like nice enhancements.
Green Tech
A Toyota Prius owner waits for the recall
Last summer, CNET's Martin LaMonica wanted to see if his new Prius could hit the magic 50-mpg mark. Now he's wondering when his spiffy hybrid will get a fix for faulty brakes.