![]() It may try to exploit holes in the Flash player plugin, for instance (that's one I'm seeing a lot of lately-on Macs it just crashes the browser, on Windows it silently downloads and runs malware) ir it might try to exploit known flaws in known browsers (like Internet Explorer flaws) or it might try to exploit something like a RealPlayer security hole. Once you have ended up on an attacker's site, whether that's by a poisoned banner ad or by clicking on a seeded link in Google or whatever, the site will often attempt an assortment of different exploits. The people, usually Eastern European organized crime, who distribute malware via compromised Web sites or poisoned banner ads will often rely on known security vulnerabilities in popular Web browsers or plugins in order to download malware. Just to be certain, though, which, if any, of your three "how-they-do-its" is vulnerable to an Apple Security Update? but that's not a very meaningful discussion.Įdit: note that —on those 3 pages there —the phrase “ arbitrary code executionâ€is a euphemism which (more often than not) actually means a cleverly crafted script could run (likely with root privileges, and thus do whatever it wants to). We could argue about whether or not that page actually exists and whether or not we might actually click that link, and conclude that it probably won't ever happen (and so the extra security may not be needed " necessarily"). and there is zero wisdom involved in not updating. It's really really really simple: known weaknesses get patched. then your computer will crash (or whatever), and mine won't. If we both visit some page and click on some link which contains code exploiting some vulnerability for which my OS/browser has been patched and yours hasn't. That's hardly the point, nor does it belong in this iPad thread (as presented). (I'm trying to put your post into perspective with the rest of the discussion.) ![]() Or, on the other hand, are they all simply "user beware" type threats? Tacit, I'm wondering if you missed the question I posed in my original response to this post, namely, which, if any, of your three "how-they-do-its" is of the nature that it can be prevented by an existing or future Apple Security Update? 19, 2010Īnyway, i hope members will choose to use this thread as a convenient one-stop place where useful security info can be either deposited or easily located. 30, 2010Īnd here's a small item i ran into today: The world is hacked, and it's users' fault - Feb. Scammers Cashing in on Facebook ‘Un named App’ Hoax - Jan.Yet Another Reputable Site Asks You to Install Rogue AV - Dec 18, 2009.Be Careful Clicking on the Google Doodle - Dec.Preview to a Possible Future of Rogue AV - Dec.The trends tacit taught us about continue today. but rather everyday places like, and various "worldpress" forums (who don't update their software and/or take sufficient precautions). ![]() 27, 2008Īs we have learned from the links above, the dangers out there are not limited to pr0n sites or pirate-laden p2p networks.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |