Stephen Withers
Thursday, 26 February 2009 09:10
Opinion and Analysis
Page 1 of 3
Mac users should pay attention to three recent security vulnerabilities involving mainstream products. Two of them involve the same vendor, and so far only one has been patched.
Among the security vulnerabilities to hit the headlines recently, at least three have the potential to expose Mac OS X as well as Windows to malware.
First up there's the
Excel vulnerability. Microsoft officials say the affected versions of Excel are part of Office 2000, 2002, 2003, 2004, 2007 and 2008, and that the Open XML File Format Converter for Mac is also vulnerable.
The good news is that exploits have only been seen for Office 2007 running in Windows 2000 and XP, and that other versions are more likely to crash than execute the malware embedded in the rogue documents.
Furthermore, the vulnerability relates to the older binary .xls file format, not the current XML-based .xlsx format.
It also seems that the real-world attacks detected so far have been narrowly targeted.
While the risks are slight, it would seem wise to be especially cautious if an unexpected .xls file turns up in your email before Microsoft releases a patch.
Though it's not clear when that's likely to be, March's Patch Tuesday seems a likely target.
Vulnerability number two comes from Adobe - but Apple's implicated too. See
page two.
