Apple vulnerabilities
pile up, as attackers can’t do Windows 7

It may be redundant or rather uneasy, but Apple is getting
some bad attention while Microsoft shines in the limelight. As the new release
of Microsoft’s search engine, Bing, and the Windows 7 RC out – Apple begins to
wonder if attackers are targeting Mac OS X and related Apple products. In
addition, recent articles about a hacker saying “Mac OS X easiest to hack”
really do not help. As it pointed attackers in that direction, Apple knows
their next OS release will be stronger and better.


Quicktime, a recent “toy” of attackers, has had over 15
vulnerabilities this year alone. Earlier this year, many learned about the
seven vulnerabilities, which were client-side bugs that attackers exploited. On
June 1, 2009, Apple released an advisory for ten more vulnerabilities for
Quicktime, and a buffer overflow advisory for iTunes. Any user watching a video
online using Quicktime could be infected with a single click. Quicktime 7.6.2
and iTunes 8.2 are now available, as they have been patched.


Attackers exploit vulnerabilities by luring users in to
malicious traps, getting them to download the crafted videos. Drive-by attacks
and malware driven cyberterrorism is the key methods attackers use.
Cyberterrorism is known as the attempted software destruction of a target’s
computer to physically render it inoperable. Although they are not that severe,
if a specific high-risk infection were able to execute it on a user’s machine
successfully, it would mess up infrastructure and cause a slowdown of
business/activities.