BNET UK
silicon.com
ZDNet UK

Home
News
Blogs
Reviews
Videos
Jobs
Resources
Community

Leader
Comment
White Papers
Downloads
Special Reports

Hardware
Software
Communications
Internet
Security
IT Management
Emerging Tech
Leader

Group Blogs
News Blog
Post Room
Rupert's Diary

Hardware Reviews
Software Reviews
Editors' Choice
Buyer's Guides
Tech Guides
Competitions

Dialogue Box
Security threats
Server platforms
Mobile devices
Application development
Full video index

Articles
White Papers
Downloads
Companies
Broadband Speed Test

People
Competitions
Post Room
FAQ

You are here: ZDNet UK > News > Security

Security management Toolkit

Weekly security round-up

Tags:
Mac OS X,
Netscape,
BitKeeper,
Firefox

John McCormick Tech Republic

Published: 31 May 2005 15:50 BST

No single major security threat has emerged recently, so I've decided this week to concentrate on a hodgepodge of various important threats. While all of these threats are equally significant, there's no real underlying thread to unify them all. Nevertheless, these vulnerabilities are important to someone, so I'm using a different format this week to address all of the threats equally.

Apple update
Apple has released the Mac OS X 10.4.1 Update, part of which confirms the existence of a file disclosure vulnerability in the Bluetooth implementation of Mac OS X 10.4. A pair of file access vulnerabilities has also surfaced, but they're less critical because they only expose files locally. In addition, the update addresses a Dashboard widget vulnerability in Mac OS X 10.4, which can allow a malicious site to download Dashboard widgets without warning.

Browser woes
Netscape has apparently found the perfect way to combat Internet Explorer. According to reports, the recently released version 8 of the browser appears to break XML rendering if you try to run IE. Some people say this is unimportant; however, they apparently don't know about RSS.

In addition, a report on Angelfire points out that Netscape 8 relies on some IE code to render trusted pages — now that's taking an independent stand!

The same report includes a note that the author tried to run Netscape 8 on an old Windows version without IE installed, and Netscape won't work. So, that apparently means that Netscape is dependent on IE and therefore is likely vulnerable to Internet Explorer bugs, as well as Firefox and Mozilla bugs it hasn't yet patched (it's always a generation behind Mozilla and Firefox)! Can you say the worst of both worlds?

Also, users who rushed to download Netscape 8 (someone out there must have) need to download version 8.0.1 — released one day later — to fix the already known holes in Firefox 1.0.3, which served as the basis for Netscape 8. The moral here is that if you want to have the latest patches, you should probably stick to Firefox. And all of this comes out after AOL/Netscape bombarded users with ads about how secure the new Netscape version was going to be.

1 2

Did you find this article useful?
138 out of 311 people found this useful

Share this article:
Digg
Slashdot
Del.ici.ous
Stumble
Reddit

Company/Topic Alerts

Create a new alert from the list below:

Apple
Tiger
BitKeeper
Mac OS X

AOL
Firefox
Netscape

Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video

Install Flash Player plugin

Find out more: Microsoft exec outlines...

All videos
Most popular videos
Latest videos

Featured Talkback

In association with Network Liberation Movement

It seems to me this is a burden being placed on the wrong shoulders. There is not an It system in the world that can stop an individual taking information in their heads and spewing out at the nearest undesirable third party.