[Tenchiro]

'Extremely Critical' Security Hole Found In Mac OS X
Tue May 18, 5:00 PM ET

Security research group Secunia is warning all Mac OS X (news - web sites) users about what it calls a "highly critical" vulnerability. The vulnerability, Secunia says, affects all Mac OS X users who surf the Web using either Apple Computer's Safari Web browsers or Microsoft's Internet Explorer.

Secunia originally published its advisory Monday, but upgraded it because of new exploits--small applications used to attack software flaws--that the firm became aware of Tuesday.

According to Secunia's advisory, two security flaws can be used by malicious Web sites to remotely access at-risk systems. The security holes have been confirmed on systems running Mac OS X with either Safari 1.2.1 or Internet Explorer 5.2, Secunia says.

MORE...

 

[spookymilk]

well, why don't we all un-plug are god-damned internet cables and switch to Linux?

 

[Toshi]

i know this is really old, but this deserves a rehash because:
a) secunia is full of bs. http://www.macdailynews.com/comments.php?id=P2943_0_1_0
b) this particular study is doubly full of bs: http://slashdot.org/articles/04/07/05/1530253.shtml?tid=126&tid=172 and http://appleturns.com/scene/?id=4792

a relevant quote from the slashdot comments:

XP: 22 remote access attacks, some open by default, all leading to system access.
OSX: 22 remote access attacks, none open by default, no remote system access attacks open by default.

Here's the statistic that I'm concerned about:

There has been one significant browser-based hole on OS X. In the same time there have been multiple exploited holes in IE, including almost the same hole that was found in Safari, and after almost 10 years of similar browser-based holes being found on a regular basis with Microsoft making no attempt whatsoever to fix the underlying design flaw that makes them inevitable.

sweet jeebus, there are legitimate gripes with os x. but when it has remarkably few exploits, NO SERVICES ON BY DEFAULT, and a grand total of one virus/trojan horse you would have to be either through the roof on crack or deluding yourself to claim that windows was more secure.