Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

And the top 3 most vulnerable operating systems for 2014 are...?


  • Please log in to reply
15 replies to this topic

#1 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,613 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:59 AM

Posted 24 February 2015 - 12:36 PM

Windows? No, Linux and Mac OS X were the most vulnerable OS in 2014

Apples operating system is considered to be the most secure operating system whether its Mac OS X for desktop computers or iOS for iPhones. But believe it or not, they are the most vulnerable operating system of year 2014.

MOST VULNERABLE OPERATING SYSTEM
Windows, which is often referred to as the most vulnerable operating system in the world and also an easy pie for hackers, is not even listed on the top three vulnerable OS. According to an analysis by the network and security solutions provider GFI, the top three most vulnerable operating system are:

  • Apples Mac OS X
  • Apple iOS
  • Linux kernel

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:59 AM

Posted 24 February 2015 - 07:47 PM

Linux and Mac users aren't as invulnerable as they touted to be...

Alex

#3 quietman7

quietman7

    Bleepin' Janitor

  • Topic Starter

  • Global Moderator
  • 51,613 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:59 AM

Posted 24 February 2015 - 07:54 PM

Nope. We talked about this last year.
 

...whenever someone states that linux or macs are more secure I laugh. You ever look at the monthly security updates for those operating systems? The reality is that the market base is too small and not worth their while. Not worth their time to target a much smaller base.

Grinler, BC Site Admin & Microsoft MCP: Post #2332.

Your browser will happily inform the web server what operating system you are running, allowing the server to provide you with the correct executable format for your platform.

Fabian Wosar, Security Developer: Post #2341.

The market has been growing fast.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 AM

Posted 24 February 2015 - 09:25 PM

I still like the fact that people don't understand that whenever there's a vulnerability released for the Linux/UNIX kernel, chances are that their OS X is affected as well since they are based on the same kernel. Which means that there's a chance for every Linux/UNIX vulnerability to be one for OS X as well, which adds to the count pretty fast. And there's tons of exploits in Linux/UNIX alone, so imagine combining them with OS X ones. Also if OS X users thinks that they are safe from "serious" malware like RATs or Keyloggers, they haven't seen half the things I've seen so far and believe me, the threat exists, it's real and it's quite efficient.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 quietman7

quietman7

    Bleepin' Janitor

  • Topic Starter

  • Global Moderator
  • 51,613 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:59 AM

Posted 24 February 2015 - 09:59 PM


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,422 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:04:59 PM

Posted 24 February 2015 - 10:56 PM

Quote

Linux and Mac users aren't as invulnerable as they touted to be...

I still feel safer with Linux than Windows.

Quote

Your browser will happily inform the web server what operating system you are running, allowing the server to provide you with the correct executable format for your platform.

Thats easy to fix.

Oh look I am on an Iphone.
workspace-1_003.png

#7 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 AM

Posted 24 February 2015 - 10:58 PM

Maybe I can't see that screenshot properly since I'm on my phone but you have a nice little extension here Nick! :P

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#8 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,422 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:04:59 PM

Posted 24 February 2015 - 11:03 PM

Both Firefox and Chrome have a user agent switcher plug in.

 

User-Agent Switcher for Chrome - Chrome Web Store

 

User Agent Switcher :: Add-ons for Firefox - Mozilla Add-ons

 

And now I am a msn bot.

 

148-workspace-1_004.png



#9 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 AM

Posted 25 February 2015 - 06:23 AM

That's what I thought :P I recognized the logo on the extension hence my comment. However, I guess there's some websites where changing your agent can affect your browsing experience, right?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#10 quietman7

quietman7

    Bleepin' Janitor

  • Topic Starter

  • Global Moderator
  • 51,613 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:59 AM

Posted 25 February 2015 - 06:38 AM

And now I am a msn bot.

I always knew you were a Bleepin' Bot in disguise. :whistle:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:59 AM

Posted 25 February 2015 - 06:43 AM

I always knew you were a Bleepin' Bot in disguise. :whistle:

Are you saying that the Bleepin' Bot in the Malware Removal Logs section is our dear Advisor? :lmao:

#12 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 AM

Posted 25 February 2015 - 06:48 AM

We all know that there's way too many bots in UNITE  :whistle: Back on topic, I knew that sometimes, a website isn't able to properly read the user agent of a browser even without using a such extension, so I think that there's something else affecting it.


unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#13 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:59 AM

Posted 27 February 2015 - 03:45 PM

My opinion: this method is fundamentally flawed.

 

First, the security of an OS is not only determined by the number of vulnerabilities it has (known and unknown).

Second, the number of disclosed vulnerabilities is not a good indication of how many undisclosed and unknown vulnerabilities an OS has.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#14 quietman7

quietman7

    Bleepin' Janitor

  • Topic Starter

  • Global Moderator
  • 51,613 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:59 AM

Posted 01 March 2015 - 08:12 AM

Java malware cross platform targets Windows, Mac, Linux, Android, Blackberry and IPhone

Note: this is java malware so will be cross platform and capable on running on any system that can run java applets. This will include All versions of windows and Apple Mac and Linux computers. And potentially on Android, Blackberry and IPhone ( depending on how your phone is configured to run Java) . If you do not have Java installed then you cannot be infected.


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#15 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 AM

Posted 01 March 2015 - 12:08 PM

Java malware are nothing new too, there's so many that exists, like the famous jRAT. quietman, your link redirects me to the Sysinternal Suites webpage :o

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users