The Mac Observer

Skip navigational links

You're viewing an article in TMO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site:
SANS Institute Sees 'Rapid Growth' in OS X Vulnerabilities

SANS Institute Sees 'Rapid Growth' in OS X Vulnerabilities

by , 4:00 PM EDT, May 1st, 2006

The SANS Institute on Monday updated its Top 20 list of Internet vulnerabilities, noting "rapid growth in critical vulnerabilities in Mac OS X, including a zero-day vulnerability." The security firm acknowledged that the operating system "still remains safer than Windows, but its reputation for offering a bullet-proof alternative is in tatters."

SANS defines a zero-day vulnerability as one that "causes damage to users even before the vendor makes a patch available." In the case of Mac OS X, Safari was susceptible to a flaw that automatically downloaded and executed a malicious file simply by browsing to a specific Web site. Apple fixed it, "but almost immediately had to issue a second patch to stop another attack involving email attachments," according to the SANS report.

SANS noted: "As attackers are increasingly turning their attention to the platform, OS/X vulnerabilities are being discovered at a rapid pace, which could erode this safety in the future."

Apple wasn't alone in getting dinged for critical vulnerabilities, however. SANS also pointed to "continuing discovery of multiple zero-day vulnerabilities in Internet Explorer," as well as "rapid growth in critical Firefox and Mozilla vulnerabilities." File-based attacks, especially those involving media and image files as well as Microsoft Excel documents, continue to surge too.

On the positive side, SANS also saw "substantial decline in the number of critical vulnerabilities in Windows Services," although trend turned into a wash for Microsoft because of the other problems documented by the firm.

Recent TMO Headlines - Updated October 25th

Tue, 9:46 AM
AAPL Q4 2016 Earnings Report Coverage this Afternoon
Tue, 9:00 AM
Last Chance for The Award-Winning Mac Bundle
Tue, 8:00 AM
The 20 CDs Steve Jobs Gave Journalists with the First iPod
Mon, 6:43 PM
Apple Fixes Two-Factor Authentication Setup Bug
Mon, 6:22 PM
Anticipation and Joy: Abusing Autonomous Cars For Fun
Mon, 6:10 PM
Dyn DDoS Attack Shows IoT's Inherent Security Weakness
Mon, 3:46 PM
TMO Background Mode: Interview with Author and Podcaster David Sparks
Mon, 2:05 PM
Apple Releases watchOS 3.1 with Charging Fix, Message Effects Improvements, More
Mon, 1:51 PM
Apple Releases macOS Sierra 10.12.1 with Improved Apple Watch Unlock, More
Mon, 1:45 PM
TMO Daily Observations 2016-10-24: DDOS Attacks, Internet of Things, and HomeKit Security
Mon, 1:20 PM
Apple Releases iOS 10.1 with Portrait Camera for iPhone 7 Plus, Replay iMessage Effects, More
Mon, 11:32 AM
AT&T to Buy Time Warner in $85.4B Deal
  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Apple Weekly Report
  • TMO on Twitter!