Ubuntu 9.x added support for autorun
Ubuntu 9.x added support for autorun. Now linux users will be exposed to threats...
12 publicly visible posts • joined 17 Sep 2007
http://www.microsoft.com/windows/products/winfamily/ie/features.mspx
Cross-domain barriers:
Internet Explorer 7 helps to prevent the script on webpages from interacting with content from other domains or windows. This enhanced safeguard gives you additional protection against malware by helping to prevent malicious websites from manipulating flaws in other websites or causing you to download undesired content or software.
A virus is just a piece of code running into the system in order to perform malicious activities, so every operating system would have a virus because in every OS you have executables, programs and processes. For this reason Linux and Mac users are NOT immune to virus.
SP1 is not offered ONLY if you've installed a different language using the language pack.
http://windowsvistablog.com/blogs/windowsvista/archive/2008/03/03/language-packs-and-windows-vista-sp1.aspx
"PCs running Windows Vista Ultimate with any of the other Language Packs installed will not be offered Windows Vista SP1 through Windows Update until they are released. Once the Language Packs are released, Windows Vista SP1 will then be offered for installation. "
Firefox 2.0.0.12 is still vulnerable to directory trasversal:
"don't patch vulnerabilities
for fifty percent, take the time and fix the cause. Because directory
traversal through plugins is all nice and such, we don't need it. We
can trick Firefox itself in traversing directories back. I found
another information leak that is very serious because we are able to
read out all preferences set in Firefox, or just open or include about
every file stored in the Mozilla program files directory, and this
without any mandatory settings or plugins."
http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060156.html
/*
@name: Firefox <= 2.0.0.12 information leak pOc
@date: Feb. 07 2008
@author: Ronald van den Heetkamp
@url: http://www.0x000000.com
*/
pref = function(a,b) {
document.write( a + ' -> ' + b + '<br />');
};
</script>
<script src="view-source:resource:///greprefs/all.js">
</script>
The virus is only able to spread to further disks when Windows [itself] is not yet started,…the virus can infect further disks at boot time, but not after Windows has been started.
http://sunbeltblog.blogspot.com/2007/09/update-on-stoned-virus-infection-of.html