In November, there were a couple of vulnerabilities that could have a potentially major impact on home and home office users. The first is a flaw in Apple Mac OS X that if taken advantage of could allow attackers to gain complete control of your computer. This flaw is related to disk image files with the “.dmg” file extension. If a malicious disk image file is double-clicked, the malicious code could run, giving a hacker complete control of your computer. Apple Mac OS X users should be very careful when downloading disk image files, as they may be malicious. The second issue affects Mozilla Firefox. All users that use Firefox to store usernames and passwords for Web sites are at risk of having their information stolen by hackers. Hackers can craft fake login forms that can steal information automatically filled in by Firefox. All Firefox users should carefully consider not using Firefox to store passwords or login information, as it may be unsafe.
Early in November there was an issue encountered with the Google Video email list. On November 7, 2006, Google inadvertently allowed an email worm to be forwarded through the email list to approximately 50,000 users. The email worm, w32.Blackmal, could potentially damage computers and destroy files. Users should be very careful about downloading and executing files attached to emails, even if they do come from trusted sources.
All of the issues mentioned here, along with other threats and Internet security news are discussed in more detail in the Symantec Home & Home Office Security Report for November, 2006. This month’s report can be viewed and/or downloaded from the homepage, as well as previous reports from August, September, and October, 2006.