Mac OS X Update

Image courtesy of Apple Apple has released a major update to Mac OS X. If you use a Mac you should first make a good backup of your computer then apply this update.

It patches over 40 security vulnerabilities (don’t let anyone tell you Macs are completely safe and invulnerable). The latest version is 10.5.3.

Ad-Aware 2008

Ad-Aware 2008 is now available. It’s a popular anti-spyware product for Windows that scans your computer for spyware and adware. It comes in three versions:

  • Free
  • US$26.95, includes features such as real time detection
  • US$39.95, includes more advanced features such as network drive scanning

There’s a comparison chart here showing what’s different between the versions. If you’re new to this product and aren’t sure which version you need start with the free version.

Read more about Ad-Aware 2008 here including a download link.

Similar products available for Windows are:

Also note that the larger anti-virus packages such as Trend Internet Security also contain anti-spyware modules.

Update: HP Software Update Tool

Back in January I mentioned that HP’s Software Update Tool was vulnerable to attacks. That was limited to a support program installed on HP laptops. Now the problem appears to be worse than first thought.

A large number of HP’s printers (both laser and inkjet), scanners, cameras and PCs also include this tool. Version or earlier is vulnerable. The problem has been resolved in the latest update, version

So if you have an HP product on your computer check if HP’s Software Update Tool is installed, and the version number. You might need to upgrade it.

printerThe risk is that a malicious web page can be created that activates some code in HP’s Software Update Tool and it can execute code on your computer. This is OK if you’re allowing HP to update your drivers, but it’s a bad thing if random strangers can do this.

Note that this only affects Windows users.

QuickTime Patch

Apple has released a new version of QuickTime for Windows and Mac. It fixes 11 vulnerabilities so if you have QuickTime installed on your machine it makes good sense to update it now.

music The new version is 7.4.5

Note that QuickTime is usually installed with iTunes, so if you use iTunes you probably also have QuickTime installed.

See Apple’s website for more details.

ActiveX Flaw in Symantec Products

Symantec is well known for making security products (they also use the Norton brand for home products). A serious flaw has been found in some of their products including Norton AntiVirus, Norton Internet Security, Norton SystemWorks and Norton 360.

The flaw is in an ActiveX control that gets installed on the PC (the control is called SymAData.dll). This control is normally used for their AutoFix tool, however it was discovered that it can be exploited by adding some malicious code to a website. The exploit allows someone to take over the computer (generally a bad thing).

Two ways to fix this problem are:

Earlier we wrote about problems with ActiveX and suggested you disable it.

Flash Vulnerability

People that have Adobe’s Flash player version or earlier, or or earlier, need to update it now. A new exploit for these versions has been discovered and can allow someone to take control of your computer just from visiting a website that has malicious code.

The new version that you need is and it fixed this new vulnerability.

AIR1.0 is also affected because it includes a Flash player built in. If you use AIR upgrade to version 1.0.1.

Adobe’s security bulletin says that this affects all platforms, so that would include all versions of Windows, Macs, and Linux.


iMunizator is an application for the Mac that claims to scan the computer and report problems.

iMunizator actually searches the computer for important files and tells the user that they are dangerous. It then offers to remove them.After removing them the computer is no longer usable.

In other words, iMunizator is a malicious program. Don’t ever run this program on a Mac.

It’s actually another version of MacSweeper, which we warned you about earlier this year.

Imunizator’s website