Security Threats Branch Out From Windows to Mac, Linux

In its list of the top 20 most critical Internet vulnerabilities in the first quarter of the year, the Sans Institute reported that software fixes were released for flaws in RealNetworks Inc.'s RealOne Player and RealPlayer. Security flaws were found in versions of the multimedia players running on Windows, Mac OS and Linux.

In addition, vulnerabilities were listed for Apple's iTunes music player, versions prior to 4.7.1, which runs on Windows and the Mac OS, as well as the Winamp mulitmedia player for Windows from Nullsoft, and the Helix Player for Linux.

"Hackers haven't stopped attacking Microsoft products, but they've started attacking everything else as well," Alan Paller, director of research for Sans said. "The reason is this is a huge criminal business now. Capturing another 100,000 computers to be used for spam can be worth a million bucks."

The current trend among hackers is to spread through e-mail viruses that exploit a variety of popular software that people install on their computers, such as multimedia software and music players.

"The attackers are going after the programs you buy to install on your computer, rather than the programs that come with your computer," Paller said.

To close vulnerabilities in programs such as iTunes or RealPlayer, users often have to download the latest version, rather than just a patch, which is commonly used to fix operating-system flaws. As a result, consumers with dial-up connections are often most vulnerable, because they are the least likely to take the time to download the latest software, Paller said.

Besides multimedia players, patches were released in the first quarter for several Microsoft products, including the Windows License Logging Service, the Microsoft Server Message Block and Internet Explorer browser.

Patches also were released for Computer Associates International Inc.'s License Manager, which is found in most of its storage, security and database products; and versions of Oracle Corp.'s 9i, 8i and 8 databases; Application Server, Collaboration Suite and E-Business Suite.

Patches also were released for antivirus products from Symantec Corp., F-Secure Corp., Trend Micro Inc. and McAfee Inc.

Details on the vulnerabilities and patches are available on the Sans Institute website.