Secunia Issues Alert For Five OS X Vulnerabilities

by , 10:20 AM EDT, April 24th, 2006

Secunia has announced an alert for five Mac OS X vulnerabilities uncovered by Tom Ferris, who runs the Security-Protocols Web site. The weaknesses could enable an outsider to launch a denial of service attack and compromise a user's computer, according to Secunia.

The issues include errors in Safari when handling malformed HTML tags and malformed GIF images and a problem when decompressing malformed ZIP archives through the Finder. In addition, an issue exists with processing malformed BMP images in Safari or Preview, and errors exist in two functions for handling malformed TIFF images in Preview, Finder, QuickTime, or Safari.

Users are advised to not visit untrustworthy Web sites and to avoid opening images and ZIP archives from unknown sources. Secunia noted that these issues appear in Mac OS X v10.4.6 and that "other versions may also be affected."

Observer Comments

Name: Al Swearengen Posts: 339 Joined: 10 May 2005
Subject: Our local paper ran a story about this

From the San Diego Union-Tribune:

"SAN FRANCISCO – Benjamin Daines was browsing the Web when he clicked on a series of links promising to deliver pictures of an unreleased update to a computer operating system.
Instead, a window opened on his screen and showed strange commands being run, as if the computer was under the control of someone – or something – else.

Daines was the victim of a computer virus.

Such headaches are hardly unusual for computer users that run Microsoft Corp.'s Windows operating system. Daines, however, was using a Mac – a computer often touted as being more secure and immune to such risks.

He and at least one other person who clicked on the links were infected by what security experts call the first ever virus for OS X, the operating system that has shipped with every Mac sold since 2001..."

http://www.signonsandiego.com/news/tech/20060424-0012-ca-applesecurity.html

Name: Guest
Subject:

A computer virus?? B....t He was running a Trojan, which, if you frequent obscure sites which promise pictures of an 'unreleased operating system', is what you are likely to get.

The normal rules of common sense apply to Macs as they do to any other computer.

Name: geoduck Posts: 1922 Joined: 30 Dec 2003
Subject:

Quote
Al Swearengen wrote:
From the San Diego Union-Tribune:

"SAN FRANCISCO – Benjamin Daines was browsing the Web when he clicked on a series of links promising to deliver pictures of an unreleased update to a computer operating system.


There is no system, computer, process, mechanical or otherwise, that can't be brought down by stupidity.

Makes me wonder; do we worry about "security vulnerabilities" when stuff is stolen from unlocked houses? How about when cars are stolen when the keys are left in them? No, we tell the user to use common sense. There are a lot of users out there of all OS's that need a good dope-slap every day until they wise up.

It's one thing to have a vulnerability that allows someone to take control of your system down the wire without your knowing it. It's another to demand a system that will never be compromised no matter how hard the user tries. Though this is a vulnerability that Apple needs to fix, it's not the same thing as much of what I see, and patch in Windows systems.

Name: Biff Posts: 1479 Joined: 08 Apr 2004
Subject:

Quote
Guest wrote:
A computer virus?? B....t He was running a Trojan, which, if you frequent obscure sites which promise pictures of an 'unreleased operating system', is what you are likely to get.

The normal rules of common sense apply to Macs as they do to any other computer.
I'm sorry but displaying an image in your web browser does not constitute "running a trojan". There are certain activities which, by definition, should be safe. This would be like blaming the user if the next version of Office shipped with a virus in the installer on the CD. That's not the user's fault.

Name: geoduck Posts: 1922 Joined: 30 Dec 2003
Subject:

Quote
I'm sorry but displaying an image in your web browser does not constitute "running a trojan". There are certain activities which, by definition, should be safe.

Quite true, but going out to an unknown web site is opening yourself up to getting nailed. Downloading .zip files from some site out on the web when you don't know how trustworthy it is is opening yourself up to getting nailed. I have a number of users that kept getting infected. I found that they were going out to game sites on their lunch hour and during breaks to download games or play them on-line. They kept getting infected even though I told them over and over that those sites weren't safe and they should not use them. The only time they complained louder was when I started blocking those sites and preventing downloading on their machines. In this case I don't blame the system (in this case Windows), it was the users and they would have brought down the most secure and patched system in the world.

Now don't get me wrong, Apple needs to get these vulnerabilities patched but quick. I just get annoyed with those (and I'm not saying you are doing this) that try to equate the comparatively small number of vulnerabilities in OS-X with the hundreds in Windows. To try to equate the vulnerabilities that require user intervention and risky behavior with the vulnerabilities in Windows that allow any script-kiddie to climb down their broadband wire and set up a server in the background on their box.

Apple needs to keep working hard to close these holes. However, maybe Apple shouldn't be compared to Windows in this area. How many vulnerabilities does OS-X get per year compared to, say, RedHat, or SuSE, or Solaris? What is the nature of these vulnerabilities? I get daily bulletins on system vulnerabilities and everyone has a few. Heck, Cisco routers have to be patched every once in a while. The question is not whether there are vulnerabilities. The question is how risky they are.

Name: Guest
Subject: This is a buffer overflow problem... old news (Dec 2005)

This problem has been covered before and it is not a Virus. This is a buffer overflow issue with KHTML rendering in Safari. Some people have problems with this, others do not. Here's a link to the article I found, which was dated December of 2005:

http://www.securiteam.com/securitynews/6C00M2AEUY.html

Also here's a MacNN article that covered this same topic almost three weeks ago.

http://www.security-protocols.com/sp-x24-advisory.php

Name: scott122 Posts: 2 Joined: 02 May 2006
Subject: unsafe surfing

Benjamin Daines's name should go down as the exemplar of unsafe surfing. You do not go hunting for an "unreleased update to a computer operating system" and NOT expect to get a virus or nasty of some other kind. C'mon, this doesn't count as a Mac virus! He went out and found it, and installed it himself.
