If you haven’t patch yet, then please do.
How do I know if I’m patched?
Click “About This Mac” and it should display Mac OS X version 10.5.7. You can do the same if you are using Safari by clicking “About Safari”, this should display Safari 4 (beta).
Why it is important to patch?
There are critical vulnerabilities that could allow malicious user (hacker, malware) to snoop and steal your information in background. Let me sight examples from vulnerabilities that has captured media attention (so, it means many attackers are aware of this).
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.6, Mac OS X Server v10.5.6
Impact: Accessing a maliciously crafted feed: URL may lead to arbitrary code execution.
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Solution: The critical issue has been addressed in Security Update 2009-002
Impact: Mounting a maliciously crafted disk image may lead to an unexpected application termination or arbitrary code execution.
This is very critical the fact that browser like Safari has enabled “Open safe files after downloading” by default. You can turn off this option in Safari by following the instructions below:
1. Open Safari
2. Open “Preferences” under the “Safari” menu
3. Click on the “General” tab
4. Un-check the “Open ‘safe’ files after downloading” box
5. Close Safari’s preferences
Another in-the-wild exploited PDF so better patch!
It’s not surprising if we have another zero day in MS office. Evidently, there is a continuous attack on these (Doc, Excel, PPT) file formats .
Just to keep diary, here are references as published days ago:
[ http://www.worldtimezone.com/ ]
It’s now April 01 in New Zealand and in few minutes here in Australia then followed by Asia, Africa, Europe and America. This high profile internet worm will start triggering its payload which is the generation of 50,000 domain names. However, it will only choose 500 randomly to call home.
Everyone is eyeing for what’s next.
More information has surfaced about the botnet “psyb0t,” the first known to be capable of directly infecting home routers and cable/DSL modems.
It was first observed infecting a Netcomm NB5 modem/router in Australia.
Further read @ http://blogs.zdnet.com/BTL/?p=15197
Further read @ http://www.dronebl.org/blog/8
Analysis @ http://www.adam.com.au/bogaurd/PSYB0T.pdf