That portion of my post was referring to local privilege escalation vulnerabilities. These are the vulnerabilities that can be leveraged by exploits to bypass DAC and the sandbox.
Irrelevant to iOS issues which is what we're talking about here since I bought it up regarding iOS products. My point being that iOS currently have more than 3 issues in regards to vulnerabilities and exploit potential. Verson 4.2 and/or 4.3, your pick.
You said "
Also, different security mitigations do determine the actual exploitability of a vulnerability..." and this is exactly what I'm talking about. What you continue to fail to recognize is the actual probability of the circumstance(s) which must be satisfied, before that vulnerability becomes a real, immediate problem. Keep reading as I present yet another example of this.
Both examples I provided are relatively recent.
Again it really doesn't matter. Just because you post an example right now about how one company's response time was quicker than the other, doesn't make 1 company clearly better than the other.
My subsequent counter to any counter you provide will include many items from these two following...
It's not anything meaningful because it fails to recognize the real-world impact of those issues. \
Just because Kaspersky posts up a pie-chart, it is no evidence of a real-world problem. Here's why.
Kaspersky admits that their current security package is unable to tackle TDL4
yet so they provide a separate TDSS removal app for free on their site to scan for and remove the rootkit malware. If Kaspersky is unable to detect TDL4 through their security suites, how it is getting their data?
It bases the numbers on how many downloads have been made for their free "TDSS Killer" app and they can look at the IP ranges to see what region and the numbers that downloaded their tool from their site. Kaspersky has no ability/capability to remote scan every Windows machine in the wild, check it for TDL4 infection/compromises then state "yup, that person's computer is infected". This clearly doesn't mean 4 million machines were confirmed infected as they have no ability to detect any such condition from their end. I've already explained TDL4 earlier and have no need to repeat it again here.
Apple is no longer including those by default because Apple no longer wants to have to maintain a third party product.
Good guess but not exactly. The truth is they have no real solution to the problem, their plan of action is not mitigation but rather avoidance. If OS X was that bombproof, no app running within it should circumvent it's iron-hard security, however as proven, it's still not enough, it can be exploited by a 3rd party app. If it's not Java or Flash, it can be any app used by many on any Mac system. iTunes, Mac Store, Safari... all these products have been exploited before and fixes had to be implemented.
Soon, the OS X version of Java will be maintained by Oracle instead of being released by Apple.
I used to work for Oracle and you appear to not understand how this works. Java has been maintained by Sun Microsystems for a very long time until their acquisition by Oracle, which currently owns Sun. Oracle has been, for a quite some time, worked bilaterally along with Apple for all Java releases. Apple has never, not once, ever maintained any 3rd party app on their own, it's always been a bilateral effort at the least with the software/hardware manufacturer.
Also, different security mitigations do determine the actual exploitability of a vulnerability.
It still doesn't determine the real-world risk level of such vulnerabilities.
Here's a clear example.
You mentioned IE9 sucks because it can be hijacked by visiting a boobytrapped website. Say for this example you're right, so let's build on this and see what's actually happening.
First of all we need to look at how a user can subject themselves to such a situation, obviously they'd need to find that site. Nobody to my knowledge as far as a non-malicious user, knows the exact web address of a boobytrapped website in their head, they would have to stumble upon this by accident and/or coincidence. So how can this happen?
A user will tend to use search engines to look for whatever content/material they seek. Many users choose Google for obvious reasons however we need to look at Google's built in mitigation measures in place. Google has active software and equipment constantly looking through their incredible database of caches and real-time queries (people using Google actively at that moment) and it's capable of eliminating/deleting/tagging sites that are of high risk. Google also has the ability to cross check with other search engines to keep up with all the risky websites. That's level 1 of protection before the risk is brought to the user, mitigation measures made away from the host machine.
Now the data has to come through your ISP, regardless of who that is, they also have mitigation measures in place, much like Google but likely worm/trojan/virus/malware detection filters which may slip through users that don't use Google.com for example. That's level 2 of protection away from the host machine.
Next the data is requested and returned to the user's browser. Depending on the user's choice with browsers, that browser's built in features may mitigate further risks. IE9 is the only browser that's been mentioned in this entire thread, that has
clearly proven itself being the king of anti-malware at the time of this post. Safari 5.1 has not been tested nor confirmed by anyone other than Apple's own claims about how it's the best product out there, so until then IE9 is still on top, (although I personally use something different).
http://whichbrowser.org/browserupdates/ie-9-anti-malware-kingpin-in-browser-face-off/
http://www.computerworld.com/s/arti...Rep_bumps_browser_s_anti_malware_score_to_99_ <-- older 2010 article
Then you have to deal with a typical user's own built-in protection measures, on the host's machine. As you can see there's mitigation already in place before a threat is able to present itself to the user.
FWIW I'm the type of person that doesn't readily believe everything I hear or read on the internet. Many sources merely repeat stuff posted on other sites and some readers associate it with a widespread problem. Each article to a careful reader needs to contain meaningful information. A loaded gun has a catastrophic ability kill someone, however I'd argue that your automobile is more likely to get you killed before a bullet from a loaded gun ever becomes an issue with your mortality. Where I am there's not a whole lot of gun use but nearly everyone operates a car. The
probability for me to be affected by an automobile is significantly higher than any gun, almost solely due to its likelihood, the gun while significantly more dangerous poses by comparison a near insignificant problem.
