Mac Virus for Sale?

UPDATE: About 8 hours after posting the information below, the site is off-line. It is likely to remain so.

A curious web site has popped up: Miguel García Carmen’s site selling a Mac OS X virus. This person seems a bit megalomaniacal, writing, “MIGUEL GARCÍA CARMEN, this is the name APPLE will have to engrave in stone and STEVE JOBS will never forget, since this man has been the first to ever make such a file that when you uncompress it, it KO’s the system and Hard Drive. ” (The site in question is in Spanish; we have translated the text to present it here. Also, the site was created on July 21, the day the domain hosting it was registered.)

This person claims to have created a system virus that affects Mac OS X. “The goal of this file is to demonstrate after so many hours of work that it is actually possible to harm the latest Leopard 10.5.4 operating system.” But rather than give this information to Apple, or to other security researchers, Carmen is auctioning it off. (As of this writing, the highest bid is EUR 4,778, or $7,606.) Like something out of a bad spy novel, he claims that, “The file will be delivered in person and a test will be performed in front of the buyer so he can verify it is not a fraud.” Hmm… We wonder.

Carmen includes a video on the site, which shows something happening after he extracts a Zip archive. The hard disk icons on the desktop of his Mac flash; what that means, we don’t know, but we’ll stay on top of this in case Carmen is telling the truth.

(FWIW, we made PDFs of the web pages on the site, and copies of the site’s whois records, in the case that the site would go off-line…)

Choosing a Mac Antivirus: Reasons 10 to 12

10 - Products designed for the enterprise

In addition to VirusBarrier X5, Intego offers two server-side antivirus solutions: VirusBarrier Server and VirusBarrier Mail Gateway. These programs are designed for companies running Mac OS X Server, and protect all Macs on corporate networks from viruses and malware arriving via e-mail, or in files that are placed on file servers.

11 - Intego offers its antivirus software for older versions of Mac OS

Many companies have Macs running older versions of Mac OS X. While Intego’s current software is compatible with Mac OS X 10.4 (Tiger) and higher, and is fully optimized for Mac OS X 10.5 (Leopard), we can also provide versions of VirusBarrier that will run on older versions of Mac OS X; or even Mac OS 8 or 9 if needed. In addition, all Intego software is available in five languages: English, French, Japanese, German and Spanish.

12 - Intego’s Dual Protection products protect Macs and Windows running on a Mac

Running Windows on a Mac is possible with today’s Intel-based Macs, but this opens up a whole new range of security threats. Intego has joined forces with BitDefender, the top PC security vendor, to offer Intego Dual Protection products. These packages include Intego’s VirusBarrier together with the latest Windows antivirus for Windows from BitDefender, so Macs running Windows have dual protection.

Firefox Update Fixes Three Critical Flaws

The Mozilla Foundation has issued another update to its Firefox browser, patching three critical security flaws. The bugs patched are a crash with malformed GIF file on Mac OS X, the possibility of command-line URLs launching multiple tabs when Firefox is not running, and remote code execution by overflowing CSS reference counter. If you are using Firefox 3, you should update the program by using the program’s internal updater (choose Help > Check for Updates), or by downloading the latest version.

Intego VirusBarrier X5 is the First Antivirus to Scan the iPhone and iPod touch

Not only Macs are at risk from malware; now that users can install applications on the iPhone and iPod touch, these devices are open to attack as well. Intego, the Macintosh security specialist, today announced the release of VirusBarrier X5 10.5.3, an update to its acclaimed antivirus software that Macworld calls “the gold standard”. This new version adds the ability to scan the iPhone and iPod touch for malware. VirusBarrier X5 is the only antivirus software that can eradicate malware from the iPhone and iPod touch.

Now that Apple has made it possible for users to add applications to the iPhone and iPod touch, there is a risk of installing applications that can harm these devices, or take control of them. And users “jailbreaking” (unlocking) an iPhone or iPod touch can install even more applications, increasing this risk. There are a number of security vulnerabilities that make these devices susceptible to attack; exploits for these vulnerabilities can be found easily, and future exploits are certain to be discovered.

VirusBarrier X5 now offers the ability to scan files and applications on the iPhone and iPod touch in search of malware or files that indicate that exploits have compromised the devices. Users connect an iPhone or iPod touch to their Mac, then choose the device and scan it with VirusBarrier X5.

When scanning an iPhone or iPod touch, VirusBarrier X5 copies all the files contained on the device to the user’s startup volume in order to verify their security. If any malware or infected files are found, VirusBarrier X5 alerts the user and offers to repair or delete the infected files.

“With the release of the iPhone 2.0 software, and the ability to add applications, users are facing new vectors of attack,” said Laurent Marteau, Intego’s CEO. “It is essential that we not only protect Mac users from malware, but also protect their iPhone and iPod touch at the same time.”

VirusBarrier X5 10.5.3 is available now. This version is a free upgrade for all users of VirusBarrier X5, and is available for download via NetUpdate, Intego’s automatic update tool. For more information, or to download a demo version of VirusBarrier X5, go to http://www.intego.com/virusbarrier.

Security Updates for Mozilla Firefox 2 and SeaMonkey

The Mozilla Foundation has released a security update for Firefox 2, patching two vulnerabilities (Command-line URLs launch multiple tabs when Firefox not running and Remote code execution by overflowing CSS reference count). Users still running Firefox 2 should update the program now; downloads are available from this page.

Mozilla SeaMonkey was also updated to fix a remote code execution by overflowing CSS reference counter issue. The latest version of SeaMonkey can be downloaded here.

Macs Not Secure Enough for the Enterprise?

Infoworld has published a long article by Mac expert Glenn Fleishmann discussing the major security weaknesses of Mac OS X and why Macs are not secure enough for the Enterprise. Fleishmann doesn’t look for specific exploits or vulnerabilities, but rather at more global security issues in Mac OS X. These include the way Apple handles security updates (especially their unpredictability), the fact that third-party security flaws take too long to be patched, and Apple’s complacency about malware. Fleishmann’s points are all valid, and Apple will need to address these issues to fit better into the state of mind of corporate IT managers.

However, John Martello, writing at The Mac Observer, questions these points, saying that “the six arguments actually amount to a collection of shibboleths.”