Zeus Trojan infects 74,000 PCs in global botnet

Mine runs a Unix-based operating system.

That is great to hear.

are more vulnerable than Windows?

Bring it on, and I'll flatten all your arguments with facts. No FUD. No BS.

I said bring it on!

Oh, that's right, we don't.

My Ubuntu machines just sail past malware completely unharmed.

My Windows machines just sail past malware completely unharmed.

Too bad those people stuck in the real world can't have it as easy as you.

.

made by real human beings.

That says it all.

~~~~~~~~~~~
All virtue is summed up in dealing justly.
~ Aristotle

http://news.zdnet.com/2424-9595_22-395387.html

Google: http://www.google.com/search?q=Linux+botnet
Results 1 - 10 of about 589,000 for Linux botnet. (0.26 seconds)

On topic eh?

~~~~~~~~~~~
You must lose a fly to catch a trout.
~ George Herbert, 1593-1633, English Clergyman and Metaphysical Poet

Google: http://www.google.com/search?q=windows+botnet
Results 1 - 10 of about 3,450,000 for windows botnet. (0.22 seconds)

See? it took only 0.22 seconds to find 3,450,000 results for windows while it took more to find seven times less for Linux. Even though Linux has a larger server market share it still is hardly touched by malware, if at all. Amazing isn't it?

It's real hard to find something wrong with Linux isn't it? I guess windows does make your life easier (at least for google bot it does.)

On topic eh?

~~~~~~~~~~~
You have to be a moron to add those lines at the bottom of your talkbacks. They look stupid.
~ The Mentalist, Earthling and all around good guy.

How come the Google search doesn't return 90x more for Windows+botnet? (Than Linux that is?)

Well, as for the quotes, I like them. That is sufficient for me. If it annoys you, why do you read them?

Seems crazy to me?


And frankly I don't care about appearances... I do not believe in superficiality, rather substance.

How else could I have chosen such a pejorative nickname?

I've got chutzpah! Yeah!

~~~~~~~~~~~~~~
When you judge another, you do not define them, you define yourself.
~ Wayne Dyer, American motivational Speaker and Author of self-help best selling books. b.1940

How people treat you is their karma; how you react is yours.
~ Wayne Dyer, American motivational Speaker and Author of self-help best selling books. b.1940

On the desktop malware incidents should be 90 windows to 1 Linux but on the Server Linux should have more incidents.

But we don't see that happen in real life, do we? Why is that?

Prove that Linux 'dominates' the server market. With numbers, not just mere wishful urban myths.

As a matter of fact, I run Red Hat Enterprise Linux 5.3 under Windows 2008 & Dell Blades server using Hyper-V.

Yeah, Enterprise Linux running under Windows 2008!

Doh!

Let me substantiate:
Google: http://www.google.com/search?q=linux+dominates+server+market
Results 1 - 10 of about 133,000 for linux dominates server market. (0.39 seconds)

First of all, Apache dominates the server market. And Apache is open-source and runs under any OS. Not just Linux. Didn't you know that?

Google: http://www.google.com/search?sitesearch=*.apache.org&q=aoache+for+windows
Results 1 - 10 of about 8,670 from *.apache.org for apache for windows. (0.53 seconds)

Google: http://www.google.com/search?q=which+OS+dominates+the+server+market
Results 1 - 10 of about 85,700 for which OS dominates the server market. (0.47 seconds)

Lol, both searches points to the same conclusion: Whether you search for Linux or more precisely for "which OS dominates the server market", they both point to Microsoft Windows.

Just do it, check it out! No kidding. No FUD. No Bias. No BS.

~~~~~~~~~~~~
One dog barks at something, the rest bark at him.
{Chinese Proverb}

That's how I see things. 2008 not good enough, Read Hat must take over and do its job.

It helps consolidate data centers, resources, and manageability, not to mention efficiency.

But you've heard the saying: A chain is as strong as its weakest link?

I can assure you Red Hat Enterprise 5.3 is extremely robust and completely reliable.

Since it runs virtualized under Windows 2008 Enterprise Server and Hyper-V, does that mean that the underlying OS is at least as reliable if not more?

~~~~~~~~~~~
Judge a man by his questions rather than by his answers.
~ Voltaire, 1694-1778, French Writer and Philosopher

Only 74,000 out of millions if not billions of computers. That is not too bad, looks like the PC world is winning this war.

... apologies are best avoided.

All talk, no substantiation.

Talk is cheap!

~~~~~~~~~~~~~
It is not who is right, but what is right, that is of importance.
~ Thomas Huxley, 1825-1895, English Biologist

http://blogs.computerworld.com/14723/no_more_linux_security_bragging_botnet_discovery_worry

If I wanted I could find dozens of blog posts telling the opposite.

Hmmm, do you know how many new computers were sold since Jan 1 2010?

38,019,495 and counting...

Source: http://www.worldometers.info/computers/

The source for this data is IDC, the premier global provider of market intelligence, advisory services, and events for the information technology, telecommunications, and consumer technology markets.

IDC's Worldwide Quarterly PC Tracker gathers PC market data in 55 countries by vendor, form factor, brand, processor brand and speed, sales channel and user segment. The research includes historical and forecast trend analysis as well as price band and installed base data.

The PC tracker includes Desktop, Notebook, Ultra Portable, and x86 Server market data. It does not include handhelds.

Soo, 74,000 PCs in the world represents what percentage may I ask?

And those infected PCs simply have not been updated...

The root cause to all problems can usually be traced to whatever sits between the chair and keyboard...

Malware? Botnets? What's that? Never seen it around here. Not on my watch.

I have a pretty good guess, of course, having seen the usual windoze apologists in a frenzy. However I would like to know for sure: is it Win7, Vista?

Inquiring minds would like to know.

What's up with the "windoze apologists in a frenzy" you quote so often? Ever seen any?

I've seen plenty Linooze aficionados, too immature to appreciate reality as it is. So they invent one, in their delusional mental fantasy...

Reality or insanity?

~~~~~~~~~~~
Education's purpose is to replace an empty mind with an open one.
~ Malcolm S. Forbes, 1917-1990, American Publisher

what his usefull here is now relagated to

Thanks a bunch Mr. Useful.

Though it really does appear that you have actually reached an equal footing with some others here:

We respond to your nonsense now simply because it is fun making you work so hard at making yourself look foolish.

I am sorry, but that is now the extent of your usefulness here.

It does allow you to reach an equal footing with Loverock Davidson but it's not of much use.

Keep up the good work.

In case of acid-reflux, Tums Tums Tums Tum!

I suppose this reply is somewhat on topic? Somebody raised some diarrhea issue? Is it fair to amplify?

~~~~~~~~~~~
Do what you feel in your heart to be right - for you'll be criticized anyway. You'll be damned if you do, and damned if you don't.
~ Eleanor Roosevelt

Close the door and pull the flush to cover the noise up.

For the record, I started using Linux way back then in 1992 with SoftLandingSystem Linux. I use on a daily basis Red Hat 5.3 Enterprise Linux, Knoppix, Mint, QNX, AIX, HP-UX and Solaris. In addition to Windows (all flavors & architectures)

So I use the term Linooze just to counterbalance the term Windoze used by some bigots.

But I have a deep respect and like Linux, and support Open Source all the way! Just not exclusively.

Back to topic: Ahh, yes the pattern. I like pattern discovery...

Google: http://www.google.com/search?q=internet+troll+wiki
Results 1 - 10 of about 138,000 for internet troll wiki. (0.40 seconds)

__________
http://en.wikipedia.org/wiki/Troll_(Internet)

In Internet slang, a troll is someone who posts inflammatory, extraneous, or off-topic messages in an online community, such as an online discussion forum, chat room or blog, with the primary intent of provoking other users into an emotional response[1] or of otherwise disrupting normal on-topic discussion.[2]

~~~~~~~~~~~~
Q. Can you think of a numerical palindrome that when squared results in another palindrome?
A.
1^2 = 1
11^2 = 121
111^2 = 12321
1111^2 = 1234321
11111^2 = 123454321
111111^2 = 12345654321
1111111^2 = 1234567654321
11111111^2 = 123456787654321
111111111^2 = 12345678987654321

You know, the one we see when you're leaving.

Why don't you check out my profile on Google.

You know, simply Google Wintard...

I debunk FUD. I eat trolls for breakfast.

And you will find me everywhere... Just look behind you!

you eat yourself for breakfast.

There's no future it. You know you can't keep doing it forever, don't you?

Linux still has a disproportionately large number of vulnerabilities?

I propose the low incident count of malware under Linux, is in direct linear proportion to market acceptance, and market share.

Basically, security achieved through obscurity and irrelevance...

More interesting substantiation at:
Google: http://www.google.com/search?q=linux+vulnerabilities
Results 1 - 10 of about 2,430,000 for linux vulnerabilities. (0.36 seconds)

http://marketshare.hitslink.com/operating-system-market-share.aspx?qprid=8

~~~~~~~~~~~~
There are only 10 kinds of people; those who understand binary, and those who don't.

You go as far as to say that there's a "direct linear proportion to market acceptance, and market share"

Putting faith in your numbers that would mean that for every 90 desktop malware incidents in desktop windows we would see one in desktop Linux.

However we don't see nothing like that. No Sir, not at all.

Care to explain?

Um, you use Adobe Flash in Linux I presume? You also use Java from Sun? That's for starters.

Well according to security firm http://secunia.com/ here's their weekly newsletter:

Just in the interest of brievety, only cover 2010 to date; I'll go from most-recent chronologically:

========================================================================

The Secunia Weekly Advisory Summary
2010-02-11 - 2010-02-18

This week: 85 advisories

========================================================================
During the past week 85 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business.

This weeks Secunia Advisories had the following spread across platforms and criticality ratings:

Platforms:
Windows : 10 Secunia Advisories
Unix/Linux : 36 Secunia Advisories
Other : 4 Secunia Advisories
Cross platform : 35 Secunia Advisories

Criticality Ratings:
Extremely Critical : 0 Secunia Advisories
Highly Critical : 18 Secunia Advisories
Moderately Critical : 29 Secunia Advisories
Less Critical : 27 Secunia Advisories
Not Critical : 11 Secunia Advisories
========================================================================

The Secunia Weekly Advisory Summary
2010-02-04 - 2010-02-11

This week: 68 advisories

========================================================================
During the past week 68 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business.

This weeks Secunia Advisories had the following spread across platforms and criticality ratings:

Platforms:
Windows : 16 Secunia Advisories
Unix/Linux : 16 Secunia Advisories
Other : 5 Secunia Advisories
Cross platform : 31 Secunia Advisories

Criticality Ratings:
Extremely Critical : 0 Secunia Advisories
Highly Critical : 16 Secunia Advisories
Moderately Critical : 27 Secunia Advisories
Less Critical : 21 Secunia Advisories
Not Critical : 4 Secunia Advisories
========================================================================

The Secunia Weekly Advisory Summary
2010-01-28 - 2010-02-04

This week: 60 advisories

========================================================================
During the past week 60 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business.

This weeks Secunia Advisories had the following spread across platforms and criticality ratings:

Platforms:
Windows : 6 Secunia Advisories
Unix/Linux : 16 Secunia Advisories
Other : 3 Secunia Advisories
Cross platform : 35 Secunia Advisories

Criticality Ratings:
Extremely Critical : 0 Secunia Advisories
Highly Critical : 7 Secunia Advisories
Moderately Critical : 20 Secunia Advisories
Less Critical : 28 Secunia Advisories
Not Critical : 5 Secunia Advisories
========================================================================

The Secunia Weekly Advisory Summary
2010-01-21 - 2010-01-28

This week: 56 advisories

========================================================================
During the past week 56 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business.

This weeks Secunia Advisories had the following spread across platforms and criticality ratings:

Platforms:
Windows : 2 Secunia Advisories
Unix/Linux : 28 Secunia Advisories
Other : 3 Secunia Advisories
Cross platform : 23 Secunia Advisories

Criticality Ratings:
Extremely Critical : 0 Secunia Advisories
Highly Critical : 6 Secunia Advisories
Moderately Critical : 21 Secunia Advisories
Less Critical : 24 Secunia Advisories
Not Critical : 5 Secunia Advisories
========================================================================

The Secunia Weekly Advisory Summary
2010-01-14 - 2010-01-21

This week: 54 advisories

========================================================================
During the past week 54 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business.

This weeks Secunia Advisories had the following spread across platforms and criticality ratings:

Platforms:
Windows : 10 Secunia Advisories
Unix/Linux : 21 Secunia Advisories
Other : 2 Secunia Advisories
Cross platform : 21 Secunia Advisories

Criticality Ratings:
Extremely Critical : 1 Secunia Advisory
Highly Critical : 5 Secunia Advisories
Moderately Critical : 21 Secunia Advisories
Less Critical : 25 Secunia Advisories
Not Critical : 2 Secunia Advisories
========================================================================

The Secunia Weekly Advisory Summary
2010-01-07 - 2010-01-14

This week: 63 advisories

========================================================================
During the past week 63 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business.

This weeks Secunia Advisories had the following spread across platforms and criticality ratings:

Platforms:
Windows : 6 Secunia Advisories
Unix/Linux : 27 Secunia Advisories
Other : 2 Secunia Advisories
Cross platform : 28 Secunia Advisories

Criticality Ratings:
Extremely Critical : 1 Secunia Advisory
Highly Critical : 12 Secunia Advisories
Moderately Critical : 14 Secunia Advisories
Less Critical : 35 Secunia Advisories
Not Critical : 1 Secunia Advisory
========================================================================

The Secunia Weekly Advisory Summary
2009-12-31 - 2010-01-07

This week: 81 advisories

========================================================================
During the past week 81 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business.

This weeks Secunia Advisories had the following spread across platforms and criticality ratings:

Platforms:
Windows : 10 Secunia Advisories
Unix/Linux : 27 Secunia Advisories
Other : 3 Secunia Advisories
Cross platform : 41 Secunia Advisories

Criticality Ratings:
Extremely Critical : 0 Secunia Advisories
Highly Critical : 11 Secunia Advisories
Moderately Critical : 32 Secunia Advisories
Less Critical : 35 Secunia Advisories
Not Critical : 3 Secunia Advisories
========================================================================

Notice the pattern? Much less Windows advisories, than Linux/Unix? Hey, I didn't make that up. It's on their site! Go and verify for yourself...

Don't believe Secunia?

How about the Department of Homeland Security / National Cyber Security Division / US-CERT / National Institute of Standards and Technology NIST official governmental website?

The National Vulnerability Database (NVD)
http://nvd.nist.gov/

Would that convince you?

Okay, just for fun, why don't you do the math, and go to the NVD, and search once for Linux, and another search for Windows, and see what comes back?

Please report back your findings to enlighten all of us.

Happy discovery!

~~~~~~~~~~~
The more you learn, the more you realize you didn't know. That's the downside of continuing your education. The benefits come next.
~ Unknown Source

Obstacles are things you see when you take your eyes off the goal.
~ Alan Kulwicki, 1954-1993

Any darn fool can make something complex; it takes a genius to make something simple.
~ Albert Einstein

Conceptual attacks are all very well and good but they are nothing more than interesting academical exercises: Interesting but irrelevant.

Your so-called Linux exploits are intellectually interesting but bear no relevance in the real world.

These vulnerabilities are reported as a real, clear and present danger to all OSes.

Just that some ignoramuses are so smug to pretend they are invincible. Those are the first one to fall!

Are you implying the NVD http://web.nvd.nist.gov/view/vuln/search reports falsehoods?

Well this is the first page of the NVD concerning Linux:

Of course all Linooze apologist will dismiss facts...

Search Results (Refine Search)
There are 1,411 matching records. Displaying matches 1 through 20.




CVE-2010-0415
Summary: The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set.

Published: 02/17/2010
CVSS Severity: 4.6 (MEDIUM)
CVE-2010-0307
Summary: The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.

Published: 02/17/2010
CVSS Severity: 4.7 (MEDIUM)
CVE-2010-0623
Summary: The futex_lock_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly manage a certain reference count, which allows local users to cause a denial of service (OOPS) via vectors involving an unmount of an ext3 filesystem.

Published: 02/15/2010
CVSS Severity: 2.1 (LOW)
CVE-2010-0622
Summary: The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space.

Published: 02/15/2010
CVSS Severity: 2.1 (LOW)
CVE-2010-0291
Summary: The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess."

Published: 02/15/2010
CVSS Severity: 4.6 (MEDIUM)
CVE-2010-0297
Summary: Buffer overflow in the usb_host_handle_control function in the USB passthrough handling implementation in usb-linux.c in QEMU before 0.11.1 allows guest OS users to cause a denial of service (guest OS crash or hang) or possibly execute arbitrary code on the host OS via a crafted USB packet.

Published: 02/12/2010
CVSS Severity: 4.4 (MEDIUM)
CVE-2010-0394
Summary: PyGIT.py in the Trac Git plugin (trac-git) before 0.0.20080710-3+lenny1 and before 0.0.20090320-1 on Debian GNU/Linux, when enabled in Trac, allows remote attackers to execute arbitrary commands via shell metacharacters in a crafted HTTP query that is used to generate a certain git command.

Published: 02/10/2010
CVSS Severity: 6.8 (MEDIUM)
CVE-2010-0472
Summary: kuddb2 in Tivoli Monitoring for DB2, as distributed in IBM DB2 9.7 FP1 on Linux, allows remote attackers to cause a denial of service (daemon crash) via a certain byte sequence.

Published: 02/02/2010
CVSS Severity: 5.0 (MEDIUM)
CVE-2010-0462
Summary: Heap-based buffer overflow in IBM DB2 9.7 and 9.7.1 on Linux allows remote authenticated users to have an unspecified impact via a SELECT statement that has a long column name generated with the REPEAT function.

Published: 01/28/2010
CVSS Severity: 6.5 (MEDIUM)
CVE-2009-4272
Summary: A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (deadlock) via crafted packets that force collisions in the IPv4 routing hash table, and trigger a routing "emergency" in which a hash chain is too long. NOTE: this is related to an issue in the Linux kernel before 2.6.31, when the kernel routing cache is disabled, involving an uninitialized pointer and a panic.

Published: 01/27/2010
CVSS Severity: 7.8 (HIGH)
CVE-2009-3556
Summary: A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable permissions for the (1) vport_create and (2) vport_delete files under /sys/class/scsi_host/, which allows local users to make arbitrary changes to SCSI host attributes by modifying these files.

Published: 01/27/2010
CVSS Severity: 1.9 (LOW)
CVE-2010-0006
Summary: The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when network namespaces are enabled, allows remote attackers to cause a denial of service (NULL pointer dereference) via an invalid IPv6 jumbogram, a related issue to CVE-2007-4567.

Published: 01/26/2010
CVSS Severity: 7.1 (HIGH)
CVE-2010-0003
Summary: The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and then reading a log file, and might allow local users to cause a denial of service (system slowdown or crash) by jumping to an address.

Published: 01/26/2010
CVSS Severity: 5.4 (MEDIUM)
CVE-2009-4257
Summary: Heap-based buffer overflow in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths.

Published: 01/25/2010
CVSS Severity: 9.3 (HIGH)
CVE-2009-4248
Summary: Buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to have an unspecified impact via a crafted RTSP SET_PARAMETER request.

Published: 01/25/2010
CVSS Severity: 9.3 (HIGH)
CVE-2009-4247
Summary: RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allow remote attackers to have an unspecified impact via a crafted ASM RuleBook, related to an "array overflow."

Published: 01/25/2010
CVSS Severity: 9.3 (HIGH)
CVE-2009-4246
Summary: Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values.

Published: 01/25/2010
CVSS Severity: 9.3 (HIGH)
CVE-2009-4245
Summary: Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to have an unspecified impact via a compressed GIF file.

Published: 01/25/2010
CVSS Severity: 9.3 (HIGH)
CVE-2009-4244
Summary: Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation.

Published: 01/25/2010
CVSS Severity: 9.3 (HIGH)
CVE-2009-4243
Summary: RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an "overflow."

Published: 01/25/2010
CVSS Severity: 9.3 (HIGH)

~~~~~~~~~~~~
We don't see things as they are. We see things as we are.
~ Anais Nin

Facts are sacred, ignore them at your own risk.

Your loss.

Why do nearly all these articles turn into pathetic childish arguments about one operating system vs. another? Do you think you will change anybody else's mind about what they use? You can use whatever you want, and I'll continue using what I like, OK?

Going by the debate here, we'd all best stop slagging the others OS and just acknowledge that crooks are out there. I'm running Win7, XP, and SUSE. As far as I know I have no security issues BUT might get a surprise one day.... might find my SUSE ain't as immune as I've been told for years.

Please don't respond and tell me to use product-A. I'm happy; we're all happy; and none of us will change OS. Be aware, be careful, and enjoy your computer.

I use three separate Microsoft Windows Operating Systems, XP, Vista, 7. I download, open and install just about everything under the sun and do not have any issues. Why do I not have any problems? I have bullet proof security!! The problem lies with the person or persons who implemented the system security protocols not the users. The average user has no clue about system security. Fire the idiots who are in charge of setting up and maintaining the system security. You can only do what the system security will allow you to!!