2007-01-28 08:16:06 · 7 answers · asked by Gotta Know 2 in Computers & Internet ➔ Security
Macs CAN get a virus just like any other kind of computer (such as PCs) but usually don't.
This is not because it is more protected than a computer running Windows but because the authors of viruses just don't MAKE Mac viruses. At least not many do...
Macs come with firewalls built in. This is part of the operating system and it is a pretty good and solid system to protect your machine.
I have run Macs and PCs for over 15 years now and have not yet had a Mac succumb to a single virus.
But run Adaware and other anti-virus protection for the PCs I have on a daily/weekly basis. I have lost two entire systems due to corruption caused by trojan viruses and I have been billed by a company for viruses which rerouted my phone! On a PC of course.
;-)
2007-01-28 08:26:27 · answer #1 · answered by Anonymous · 1⤊ 1⤋
Hello Gotta Know,
Ignore these Windows guys. They really don't know what they're talking about. There are NO viruses for the Macintosh. While Windows has had viruses every week or so (including Vista), the Mac hasn't had a virus in the last six years of Mac OS X.
There have been some "Proof-of-Concept" viruses that have been developed by anti-virus software developers. However they were not easily put on a Macintosh computer. You still need to put in your administrative password to get the virus to install.
Since the Mac uses a Unix kernel, it is really set up securely, the way a computer needs to be set up. Anything that you want installed onto your Macintosh requires you to type in your administrative password. You can't auto-install anything onto your Mac like you can with a Windows script attached to an e-mail.
I've seen computer viruses when my work got slammed by computer viruses. On the Mac it was just an executable file attachment in the e-mails. The Mac just deleted it. No problems.
Plus, Mac developers love their computer platform. They aren't twisted jerks like Windows virus programmers. Well, you've seen angry young Windows users and so you can see that attitude in their hacking these viruses. In the first year of programming class students learn how to create a simple virus script, so it's pretty darned easy on Windows and not as easy on Mac OS X.
That doesn't mean that there will never ever be a computer virus for the Mac, but right now, no.
--Rick
2007-01-28 08:46:03 · answer #2 · answered by rickrudge 6 · 1⤊ 1⤋
Macs, though not quite as PCs, do end up getting viruses and you should get some anti-virus to cover it. However, you don't have to pay a thing with the ones that I am going to suggest to you. The first one is a anti-viruses called AVG and Ad-Ware Personal. The best free firewall is Zonealarm. I have put the links where you can download them in my sources. They should run on your MAC.
2007-01-28 08:37:01 · answer #3 · answered by Anonymous · 1⤊ 0⤋
Ca Security offers a one year free trail of their anti-virus product any computer can be attacked by viruses.
2007-01-28 08:25:08 · answer #4 · answered by matconco 2 · 0⤊ 1⤋
i had norton anti virus and the firewall it made my pc slow and no longer able to get in sites and people touch me so on an identical time as license ran out i've got have been given been given AVG unfastened version, zone alarm firewall had those for 3 years no longer a situation.
2016-11-01 12:53:18 · answer #5 · answered by bason 4 · 0⤊ 0⤋
yes
it is a computer
2007-01-28 08:19:40 · answer #6 · answered by Elvis 7 · 1⤊ 0⤋
Rick, You are the one who doesn't know WTH you are talking about.
Here is a whole list of 27 different Apple exploits, including the holy grail of hacking, arbitrary remote code execution.
27 Telestream Flip4Mac WMV Parsing Memory Corruption Vulnerability Flip4Mac fails to properly handle WMV files with a crafted ASF_File_Properties_Object size field, leading to an exploitable memory corruption condition, which can be abused remotely for arbitrary code execution. MOAB-27-01-2007.wmv CVE-2007-0466
26 Apple Installer Package Filename Format String Vulnerability Apple Installer fails to properly handle package filename strings. It's a affected by a typical format string vulnerability, which can lead to a denial of service condition or arbitrary code execution. Not necessary CVE-2007-0465
25 Apple CFNetwork HTTP Response Denial of Service CFNetwork fails to handle certain HTTP responses properly, causing the _CFNetConnectionWillEnqueueRequests() function to dereference a NULL pointer, leading to a denial of service condition. MOAB-25-01-2007.rb
MOAB-25-01-2007.c CVE-2007-0464
24 Apple Software Update Catalog Filename Format String Vulnerability Software Update fails to properly handle the filename strings containing the swutmp extension. It's a affected by a typical format string vulnerability, which can lead to a denial of service condition or arbitrary code execution. Not necessary. CVE-2007-0463
23 Apple QuickDraw GetSrcBits32ARGB() Memory Corruption Vulnerability A vulnerability exists in the handling of ARGB records (Alpha RGB) within PICT images, that leads to an exploitable memory corruption condition. MOAB-23-01-2007.pct CVE-2007-0462
22 Apple UserNotificationCenter Privilege Escalation Vulnerability UserNotificationCenter retains wheel privileges on execution time, and still has a UID associated with the current user. Because of this, it> will attempt to run any InputManager provided by the user. Code within the input manager will run under wheel privileges. In combination with diskutil and a wheel-writable setuid binary, this allows unprivileged users to gain root privileges. MOAB-22-01-2007.rb CVE-2007-0023
21 System Preferences writeconfig Local Privilege Escalation Vulnerability The preference panes setuid helper, writeconfig, makes use of a shell script which lacks of PATH sanitization, allowing users to execute arbitrary binaries under root privileges. MOAB-21-01-2007.rb CVE-2007-0022
20 Apple iChat aim:// URL Handler Format String Vulnerability Apple iChat AIM URI scheme (referred as the 'url handler') handling is affected by a classic format string vulnerability, allowing remote users to cause a denial of service condition or arbitrary code execution. MOAB-20-01-2007.html CVE-2007-0021
19 Transmit.app ftps:// URL Handler Heap Buffer Overflow Transmit does not allocate enough space when dealing with the string passed on via the ftps:// URL handler, leading to an exploitable heap-based buffer overflow condition. MOAB-19-01-2007.html CVE-2007-0020
18 Rumpus Multiple Vulnerabilities rumpusd is vulnerable to different remotely exploitable heap-based buffer overflows, denial of service conditions and local privilege escalation issues. MOAB-18-01-2007.rb CVE-2007-0019
17 Apple SLP Daemon Service Registration Buffer Overflow Vulnerability slpd is vulnerable to a buffer overflow condition when processing the attr-list field of a registration request, leading to an exploitable denial of service condition and potential arbitrary execution. It would allow unprivileged local (and possibly remote) users to execute arbitrary code under root privileges. MOAB-17-01-2007.rb CVE-2007-0355
16 Multiple Colloquy IRC Format String Vulnerabilities Colloquy is vulnerable to a format string vulnerability in the handling of INVITE requests, that can be abused by remote users and requires no interaction at all, leading to a denial of service and potential arbitrary code execution. MOAB-16-01-2007.rb CVE-2007-0344
15 Multiple Mac OS X Local Privilege Escalation Vulnerabilities Multiple binaries inside the /Applications directory tree are setuid root, but remain writable by users in the admin group (ex. first user by default in a non-server Mac OS X installation), allowing privilege escalation. MOAB-15-01-2007.rb CVE-2007-0345
14 AppleTalk ATPsndrsp() Heap Buffer Overflow Vulnerability The _ATPsndrsp function is vulnerable to a heap-based buffer overflow condition, due to insufficient checking of user input. This leads to a denial of service condition and potential arbitrary code execution by unprivileged users. MOAB-14-01-2007.c CVE-2007-0236
13 Apple DMG HFS+ do_hfs_truncate() Denial of Service Vulnerability A specially crafted HFS+ filesystem in a DMG image can cause the do_hfs_truncate() function to panic the kernel (denial of service), when attempting to remove a file from the mounted filesystem. This issue can't lead to arbitrary code execution, although there's a significant risk of local HFS+ filesystems corruption. MOAB-13-01-2007.dmg.gz CVE-2006-5482 (similar old issue, UFS-based)
12 Apple DMG UFS ufs_lookup() Denial of Service Vulnerability A specially crafted UFS filesystem in a DMG image can cause the ufs_lookup() function to call ufs_dirbad() when a corrupted directory entry is being read, leading to a kernel panic (denial of service). This issue can't be abused for remote code execution. MOAB-12-01-2007.dmg.gz CVE-2007-0267
MOAB-11-01-2007
11 Apple DMG UFS byte_swap_sbin() Integer Overflow Vulnerability The byte_swap_sbin() function, one of the UFS byte swapping routines (this code isn't present in FreeBSD and it's Mac OS X XNU-specific; used for compatibility of filesystem streams between little and big-endian systems) is affected by a integer overflow vulnerability, leading to an exploitable denial of service condition. MOAB-11-01-2007.dmg.gz CVE-2007-0299
MOAB-10-01-2007
10 Apple DMG UFS ffs_mountfs() Integer Overflow Vulnerability The ffs_mountfs() function, part of the UFS filesystem handling code (shared between FreeBSD and Mac OS X XNU) is affected by an integer overflow vulnerability, leading to an exploitable denial of service condition and potential arbitrary code execution. MOAB-10-01-2007.dmg.gz CVE-2006-5679
MOKB-03-11-2006
MOKB-08-11-2006
9 Apple Finder DMG Volume Name Memory Corruption Finder is affected by a memory corruption vulnerability, which leads to an exploitable denial of service condition and potential arbitrary code execution, that can be triggered by DMG images. MOAB-09-01-2007.rb
MOAB-09-01-2007.dmg CVE-2007-0197
8 Application Enhancer (APE) Local Privilege Escalation Application Enhancer (APE) is affected by a local privilege escalation vulnerability which allows local users to gain root privileges. exploit-of-the-apes.rb CVE-2007-0162
7 OmniWeb Javascript alert() Format String Vulnerability OmniWeb is affected by a format string vulnerability in the handling of Javascript alert() function, which could allow remote arbitrary code execution. MOAB-07-01-2007.html CVE-2007-0148
6 Multiple Vendor PDF Document Catalog Handling Vulnerability The current PDF specification is affected by a design flaw, a rogue Pages entry or malicious catalog dictionary could cause a denial of service (memory corruption condition, memory leakage, etc) or potential arbitrary code execution in the reader application. MOAB-06-01-2007.pdf CVE-2007-0104
CVE-2007-0103
CVE-2007-0102
5 Apple DiskManagement BOM Local Privilege Escalation Vulnerability A vulnerability in the handling of BOM files by DiskManagement/diskutil allows to set rogue permissions on the filesystem. This can be used to execute arbitrary code and escalate privileges. MOAB-05-01-2007.rb
MOAB-05-01-2007_cron.rb CVE-2007-0117
4 iLife iPhoto Photocast XML title Format String Vulnerability A format string vulnerability in the handling of iPhoto XML feeds title field allows potential remote arbitrary code execution. MOAB-04-01-2007.rb CVE-2007-0051
3 Apple Quicktime HREFTrack Cross-Zone Scripting vulnerability A vulnerability in the handling of the HREFTrack field allows to perform cross-zone scripting, leading to potential remote arbitrary code execution. MOAB-03-01-2007.rb CVE-2007-0059
2 VLC Media Player udp:// Format String Vulnerability A vulnerability in the handling of the udp:// URL handler allows remote arbitrary code execution. VLCMediaSlayer-x86.pl
VLCMediaSlayer-ppc.pl CVE-2007-0017
1 Apple Quicktime rtsp URL Handler Stack-based Buffer Overflow A vulnerability in the handling of the rtsp:// URL handler allows remote arbitrary code execution. MOAB-01-01-2007.rb CVE-2007-0015
2007-01-28 11:05:15 · answer #7 · answered by gnobody 3 · 0⤊ 1⤋