Windows is still the whipping dog, with the largest market share, but more and more attention is being paid to Apple and their security problems, no matter how small. These will be taken more advantage of as their userbase increases. Not because people want to do Apple like they do Microsoft, it will be purely monetary concerns I am sure. As more people use Apple, the bigger the money made from maleware, spyware, etc.
McAfee has launched a Mac security product, saying that Apple Computer’s OS X is “just as vulnerable” as other operating systems are to targeted attacks.
The antivirus vendor introduced McAfee VirusScan for Mactel on Friday. To back up its statement, McAfee cited the release in March of a patch that fixed 20 vulnerabilities in OS X. A proof-of-concept worm that targeted the OS X platform was also discovered earlier this year.
“Historically, Microsoft has been targeted because it has had dominant market share. As there are more Apple users (in the future), more threats will appear,” Sal Viveros, a security expert at McAfee, told ZDNet UK. Source: News.com
In an article posted at news.com, John Thompson, CEO of Symantec, says we’re not going to whine about Microsoft competing with us in the security arena, and let’s face it, given Microsoft’s record with security, you can’t really blame him.
Microsoft is set to enter the security arena next year, but Symantec won’t compete by complaining to antitrust regulators or suing the software giant.
“We’re not looking to go whining to the EU or the DOJ for anything,” Symantec Chief Executive Officer John Thompson said Tuesday, referring to the European Union and the U.S. Department of Justice. Thompson was responding to questions from reporters after an event at the Commonwealth Club here.
Symantec, based in Cupertino, Calif., has responded to questions from EU competition authorities about its role in the security industry but has no intent to file a complaint about Microsoft, Thompson said.
“We’re not involved with anything with the EU,” Thompson said. “We don’t need competition in the courtrooms.” Instead, Thompson said Symantec will compete with its products, which he said are superior those Microsoft has yet to launch.
My experience with Symantec’s antivirus products has generally been good and a positive experience overall, although we did standardize on McAfee VirusScan, which I think is a better product. BUT, that does not be any stretch mean I wouldn’t dump them for a better product from Microsoft, especially if that product came already installed and ready to go. Microsoft may not do everything well, but they aren’t afraid to buy a company who does do it well and go from there. I like their anti spyware product and it’s ease of use, even though I don’t like some of the companies they mark as ignore, so there are tradeoff’s in almost every product. I’ll be cautiously pessimistic as always and try it out when they release it.
Kaspersky anitvirus software flaw was announced by a independent resercher, and Kaspersky has issued the following statement,
There has recently been a wide-ranging discussion in the mass media about a report by Alex Wheeler, an independent researcher, that a vulnerability related to processing files of the CAB format has been discovered in Kaspersky Lab antivirus products. Taking into account the close attention of the computer community, Kaspersky Lab considers it necessary to provide official comments on the incident.
The company confirms the presence of a vulnerability in a Kaspersky Anti-Virus module used to process CAB files. Taking advantage of this vulnerability results in a malfunction of the antivirus program. This effect is present only in the Windows environment and does not affect other operating systems.
The also confirmed that they have created a signature file that will detect any exploits, and that they will update their software soon to fix the flaw. Read more here.
Kaspersky issued the statement in response to a report on Monday of a flaw in its antivirus library. An attacker could exploit the heap overflow vulnerability to commandeer systems that run Kaspersky’s products, security researcher Alex Wheeler wrote in an advisory (download PDF).
“The actual threat posed by the…vulnerability is minimal and cannot affect the level of antivirus protection provided by Kaspersky Lab products,” the company said in the statement.
Wheeler informed Kaspersky of the flaw around Sept. 24, said Stephen Orenberg, president of Kaspersky’s North American operations. After an initial investigation, Kaspersky provided updated antivirus signatures on Sept. 29 to protect customers against attacks exploiting the flaw, he said. A final fix is due Wednesday, Orenberg said.
Well, this is a good idea and a long time coming, I’m sure everyone has been confused at some time in the past with viruses and their names, variants, etc. The Common Malware Enumeration initiative is meant to reduce the confusion caused by the different names security companies give viruses, owrms, and other pests.
“There is a lot of confusion over the way that malware is referred to,” Desiree Beck, the technical lead for the CME initiative, said in an interview. “We’re trying to alleviate that by giving malware a common identifier, so everybody is talking about the same thing when some malware event happens.”
The antivirus industry has tried, and failed, before to agree on common naming for worms and viruses. This time, US-CERT, the part of the U.S. Department of Homeland Security that coordinates response to cyberattacks, is running the show. With that in mind, and because the plan allows companies to keep their own naming by assigning an ID rather than a common name, security software makers are hopeful that the effort will be a success, and they’re eager to participate.
CME is not an attempt to solve the challenges involved with naming schemes for viruses and other forms of malware. Instead, CME is working with the security community to facilitate the adoption of a shared, neutral indexing capability for malware. An example of a CME identifier would be: CME-123.