PWN to OWN

A security company has released the results of a yearly contest pitting popular operating systems against hungry hackers. The grand prize is $20,000 as well as the compromised computer.

The computers in this case were:

  • A VAIO VGN-TZ37CN running Ubuntu 7.10 (Linux)
  • A Fujitsu U810 running Vista Ultimate with Service Pack 1 applied
  • A MacBook Air running OS X 10.5.2

The challenge worked as follows – three days of attacks were allowed. On the first day, the teams could only stage network attacks. On the second day, they could use attacks requiring user interaction, through apps installed on the computer such as IM, email, or a web browser. On the third day, they were allowed attacks targeting any number of “popular apps” – Adobe Flash, Acrobat Reader, etc. Each day the prize was reduced.

No one could compromise a system on the first day. The second day saw an unlikely winner: the MacBook Air fell prey to an exploit using the Safari browser.

The final day of the contest saw the Vista machine compromised through Adobe Flash.

The details of the exploits aren’t released until the vendors have the opportunity to patch their products.

What’s the lesson here? Today’s vulnerabilities usually stem from the applications we run, not from the OS we run them on. The frequent security updates we’re bombarded with for applications like Java, Adobe Reader, and Flash are a necessary evil – and just might save you the next time you mistype a website or let your teen use your laptop.

See the full rundown here.
