Let’s Make it Four

We thought that three security updates in three days was a lot for Apple, but the guys and gals in Cupertino must be going for some kind of record. The Digital Camera RAW Compatibility Update 2.0 released today includes a security fix for a problem with Adobe Digital Negative (DNG) files and Aperture 2 or iPhoto 7.1.2. So get out your Software Update preference pane and grab this update.

The big question is this: will they make it five tomorrow?

Three Days, Three Apple Security Updates

For the third day in a row, Apple has released a security update. This time for the Airport Extreme Base Station. The update corrects just a single flaw, “An input validation issue exists in the AirPort Extreme Base Station’s handling of AFP requests, which may cause file sharing to become unresponsive.” As always, it can be downloaded via the Software Update preference pane.

Intego’s Dual Protection Name Used by Symantec

Intego has learned that Symantec has released an antivirus product bearing the name Dual Protection. Intego is the owner of a trademark registration for the mark DP DUAL PROTECTION in France (registered on January 17, 2007) and an international trademark registration for that mark (registered on July 2, 2007) in the United States, the European Community (27 countries), Switzerland, Monaco, Australia, and Japan. In the United States, Intego has applied to the Patent and Trademark Office to register the DP DUAL PROTECTION mark; Intego claims rights to this mark in the United States. Intego also owns the domain name dualprotection.com, which it registered on January 15, 2007. Symantec’s use of the name Dual Protection is without authorization from Intego. Symantec is not affiliated with or connected to Intego, and Symantec’s products do not originate with Intego. Intego takes its trademark and intellectual property rights seriously, and plans to ensure that these rights are respected.

Intego has three Dual Protection products:

• VirusBarrier Dual Protection
• ContentBarrier Dual Protection
• Internet Security Barrier Dual Protection

Apple Releases Huge Security Update

Right on the heels of the latest version of Safari which connected 13 security vulnerabilities, Apple has released a huge security update patching just about every part of Mac OS X. With more than 80 holes plugged, Security Update 2008-002 is a monster.

It goes without saying that you should install this one as soon as you can. This is the largest number of vulnerabilities that Apple has ever patched at once, and some of the vulnerabilities are critical. Download and install the update using the Software Update preference pane.

Safari 3.1 Patches 13 Security Holes

Apple today released version 3.1 of its Safari web browser, which promises to make browsing faster, cooler and safer. The update, which provides faster page rendering, improvements to Javascript, and a host of other new features, also plugs 13 security vulnerabilities. They include the following:

• Visiting a maliciously crafted website may result in cross-site scripting
• Using Kotoeri reverse conversion on a password field displays the password
• Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

Naturally, you’ll grab the update because you want a better, faster browser, but don’t forget about the need to stay on top of security fixes for tools that are not only among the most used, but the most exposed to potential security threats. You can get the update using the Software Update preference pane. And you can find out all about the security fixes in this update here.

Malware Comes in Many Packages

In the old days, people worried about getting viruses from floppy disks. (Remember those?) Then, when the Internet started becoming popular, that became the leading vector for viruses, Trojan horses and other malware: if you download infected files or applications, you can get stung. But now there’s another vector for malware to worry about: gadgets.

We all have more and more electronic gadgets, and an increasing number of these devices connect to our computers. Our mobile phones, digital cameras, DVRs, digital picture frames, and much more, all transfer content to and from our computers. But did you know that, when you unbox these devices and connect them to your computer for the first time, they may be dangerous?

CNN reports that an increasing number of gadgets contain malware. One device - a digital picture frame purchased by a computer consultant for his elderly mother - contained four viruses, including one that steals passwords. Another contained malware that could even disable antivirus software.

How do these viruses got on these devices? “Security experts say the malicious software is apparently being loaded at the final stage of production, when gadgets are pulled from the assembly line and plugged in to a computer to make sure everything works. If the testing computer is infected - say, by a worker who used it to charge his own infected iPod - the digital germ can spread to anything else that gets plugged in.”

Most of these devices - like pretty much all the electronics we use - come from China, where quality control has been seen, in recent months, to be severely lacking. Even Apple got hit in late 2006: a number of iPods contained a Windows virus, and infected users’ computers. Apple claims that “we have seen less (sic) than 25 reports concerning this problem”, but we personally know one Mac user who got an infected iPod. Sure, this could be a one-in-a-million incident, but reports on blogs and forums suggest otherwise.

To be fair, no iPods have been seen to contain malware since that incident; Apple has certainly made sure that its suppliers don’t get caught again. But who knows about tomorrow? Naturally, we recommend that you use Intego VirusBarrier to protect yourself from viruses, and make sure your devices are safe. Because without solid antivirus protection, you run the risk of catching something from unexpected places.