LOL.... this is old news ( well, the secunia variant isnt) - its basically an option in the web browser that you can turn on to allow it to auto open files after you download. So, make sure it isnt turned on ( which it isnt by default) and the " virus" doesnt work.- This has been something that was addressed LAST year.... by telling people " Hey. Jackass. DONT turn on the "open safe files" if you browse the web a lot."--- this is basically someone else writing a little proof of concept file ( which by the way, I just downloaded and ran and didnt work on my machine- something about permissions) ---
still running 20+ macs and ne'rry a single virus ........ And having well over 2000 clients with macs without a SINGLE virus, trojan......spyware...adware..... sniffles....
Waiting for the inevitable " Its coming .. you just wait....!" from someone playing devils advocate for the windows side.......
BTW- just an odd thought- when did it become alright to advocate the devil?
;-)
Im not from the windows team... i dislike both OSX and windows.
"its basically an option in the web browser that you can turn on to allow it to auto open files after you download. So, make sure it isnt turned on ..."
Kind of like the vulnerability Outlook had a long while ago ...
"Hey. Jackass. DONT turn on the "open safe files" if you browse the web a lot."---
LOL -- Hey Jackass - Just because we say "open SAFE files" dosen't mean we actually know that they ARE safe to open!
No, that's really not true - until Apple patches the OS to change how ZIP files are handled, this is readily exploitable as a trojan. It would be wise to be wary of ZIP files from unknown or untrusted sources until then.
BTW- just an odd thought- when did it become alright to advocate the devil?
Not only is it "alright" ... It's a MUST .. re the cannonization of saints. It's sort of like, I'm not gonna' take as fact, my young son's word is true .. that the kid down the street, or across town, is OK for him to hang out with. It's my duty to check it out. "Trust, but verify."
Advocatus Diaboli
("Advocate of the Devil" or "Devil's Advocate").
A popular title given to one of the most important officers of the Sacred Congregation of Rites, established in 1587, by Sixtus V, to deal juridically with processes of beatification and canonization. His official title is Promoter of the Faith (Promotor Fidei). His duty requires him to prepare in writing all possible arguments, even at times seemingly slight, against the raising of any one to the honours of the altar. The interest and honour of the Church are concerned in preventing any one from receiving those honours whose death is not juridically proved to have been "precious in the sight of God" (see BEATIFICATION and CANONIZATION). Prospero Lamertini, afterwards Pope Benedict XIV (1740-58), was the Promoter of the Faith for twenty years, and had every opportunity to study the workings of the Church in this most important function; he was, therefore, peculiarly qualified to compose his monumental work "On the Beatification and Canonization of Saints," which contains the complete vindication of the rights of the Church in this matter, and sets forth historically its extreme care of the use of this right. No important act in the process of beatification or canonization is valid unless performed in the presence of the Promoter of the Faith formally recognized. His duty is to protest against the omission of the forms laid down, and to insist upon the consideration of any objection. The first formal mention of such an officer is found in the canonization of St. Lawrence Justinian under Leo X (1513-21). Urban VIII, in 1631, made his presence necessary, at least by deputy, for the validity of any act connected with the process of beatification or canonization.
http://www.newadvent.org/cathen/01168b.htm
Saints Alive! My MAC is clean!!
Actually, this particular bug would force Safari to open ZIP files, even if that option is turned off. I was affected by it (it never executed any programs—that I could see), but Apple seems to have fixed the problem in 10.4.5.
Just goes to re-iterate every software developer's core doctrine—there is NO bugproof software.
The Secunia variant is just that ... a re-writing of the same-old, same-old. It works the same way the original did two years ago... and adds nothing new.
Why are we seeing these FUD stories about Trojans being called "viruses" and retreads of old, long since patched security issues, popping up this last two weeks? Could it be because Apple is shipping the new Intel Dual Core MacBookPros and a lot of Windows users are seriously looking at purchasing one? Yup... I think that might be it.