ARP Cache Poison reported in Norton AntiVirus for Mac

Similar Messages

• Norton AntiVirus for Mac.

  Greetings.
  I saw Norton AntiVirus for Mac in the market. Should we buy it and install it to secure our Mac?
  So far there is no virus can attack Mac OS right?
  Best regards.

  Norton is hopeless on windows, let alone on a mac. Don't bother. I run windows/mac on my macbook and have encountered several viruses all the time due to the large amount of things I download and not once has the virus crossed into my mac partition and I have rights to read/write to and from mac to NTFS and NTFS to mac partition.
  If you are that scared use Eset NOD32 through bootcamp in windows and do a complete scan on both partitions by using macdrive to access your mac partition.

• Norton Antivirus for Mac update?

  My Norton Antivirus subscription has had its year and needs updating - ie more money! There's been so much talk on this site about how useless and how NV can even be damaging, is it worth updating??
  If I don't, presumably the old outdated software will still be installed but ineffective?

  *Mac OSX and Viruses*
  There are currently no real viruses that affect OS X users. There are very small number of things that can cause virus-like behavior that can affect Macs under special circumstances. These are:
  1) [AppleScript, ASthtv05|http://www.theregister.co.uk/2008/06/23/mac_trojan>
  2) DNSChanger Trojan [http://www.f-secure.com/v-descs/trojanosxdnschanger.shtml]
  From MacWorld, January 10, 2008:
  SecureMac has introduced a free Trojan Detection Tool for Mac OS X. It's available here:
  [http://www.securemac.com>
  The DNSChanger Removal Tool detects and removes spyware targeting Mac OS X. Called DNSChanger Trojan and also known as OSX.RSPlug. A Trojan Horse the software attacks users attempting to play a fake video file.
  Upon attempting to play the video, the victim receives the following message:
  “Quicktime Player is unable to play movie file.
  
Please click here to download new version of codec.”
  Upon running the installer, the user's DNS records are modified, redirecting incoming internet traffic through the attacker's servers, where it can be hijacked and injected with malicious websites and pornographic advertisements. The trojan also installs a watchdog process that ensures the victim's DNS records stay modified on a minute-by-minute basis.
  SecureMac's DNSChanger Removal Tool allows users to check to see if the trojan has been installed on their computer; if it has, the software helps to identify and remove the offending file. After a system reboot, the users' DNS records will be repaired.
  There may be other ways of guarding against Trojans, viruses and general malware affecting the Mac. A white paper has recently been published on the subject by SubRosaSoft, available [here|http://www.macforensicslab.com/ProductsAndServices/index.php?mainpage=document_general_info&cPath=11&productsid=174]
  3) MacSweeper:
  From [Wikipedia|http://en.wikipedia.org/wiki/MacSweeper]:
  MacSweeper is malware that misleads users by exaggerating reports about spyware, adware or viruses on their computer. It is the first known "rogue" application for the Mac OS X operating system. The software was discovered by F-Secure, a Finland based computer security software company on January 17, 2008
  4) MS Office Macro viruses:
  An exception to the "no viruses" is the possibility a macro virus could be present in an Office document and you could help breed that virus if you execute an Office macro. I have my default on Office to run no macros, and always check what the macro will do before I run one (never had to in 10 years of using Office).
  5) It is possible to transfer a Windows virus to a Windows machine via a Mac if you copy the infected file and pass it on. [ClamXav|http://www.clamxav.com> is a free, open source virus scanner for Mac OS X that is designed to scan files that you will be sharing with Windows users to assist in making sure you don't pass on viruses to them.
  6) Some people have had virus-like behavior appear on web pages due to a service (DNS) supplied by their ISP having a security vulnerability. This isn't your computer but your ISP. Nonetheless, it is a security risk. If you experience strange page behavior (e.g., ads for things on sites where you wouldn't expect those kind of ads) try putting these numbers in Network>TCP/IP>DNS Servers:
  208.67.222.222
  208.67.220.220
  Click Apply. This is an alternate site for DNS which is patched against the vulnerability.
  7) If you are using an Intel Mac and run Windows on that computer (or run Windows on a PPC Mac with VirtualPC) you are subject to all the viruses that affect the PC world and should take all the precautions that a PC user would.
  [Dave Sawyer post about viruses on Macs|http://discussions.apple.com/message.jspa?messageID=8884756#8884756]
  [The Mac Malware Myth|http://www.roughlydrafted.com/2009/01/29/the-mac-malware-myth>
  [Should Mac Users Run Antivirus Software?|http://db.tidbits.com/article/9511]
  [Trojans in illegal versions of Mac software downloaded from torrents|http://discussions.apple.com/message.jspa?messageID=8892099#8892099]
  The tool below is supposed to remove these but commentors observe that only those downloading illegal software are vulnerable to these trojans.
  [iWorksServices.clix|http://rixstep.com/2/20090123,00.shtml] 2009-01-23
  The following 1198 byte download will rid your system of the iWorksServices trojan without your having to fumble with Terminal and the command line.
  [Related information|http://www.technewsworld.com/story/Warning-to-iWork-Pirates-Here-Th ere-Be-Trojans-65944.html]
  [Poker Game|http://www.macnewsworld.com/rsstory/63574.html]
  The Trojan is masquerading as a program for Mac OS X called "PokerGame." A shell script encapsulated in an application, it is distributed in a 65 KB Zip archive; unzipped, it is 180 KB, according to Intego, one of the security firms that flagged it.

• Any known compatibility issues with Norton Antivirus for Mac v.11

  I sometimes work freelance for a company that requires freelancers to have an antivirus program on their computers regardless if they are macs.
  Anybody know if there are any known compatibility issues with mac Norton Antivirus v.11 and snow leopard?
  thanks

  Big time. Do not, do not install anything Norton. Your system will be mucked. Comply with the company request and use ClamXav.
  http://www.macupdate.com/app/mac/15850/clamxav

• Norton Antivirus for Mac causes problems?

  On this, and other advice sites, I'm getting the message Norton for Mac causes performance problems. Is this the general consensus, and can anyone offer more info?
  I have NAV and my iMac seems slower lately...!

  Hi--
  In addition to the other advice you've already gotten, I suggest you open the Activity Monitor application from your Utilities folder and see if there are any processes that are taking up too much processor time.
  Once Activity Monitor is open, look at the CPU tab at the bottom. With no other programs open, you should see a fairly high value for "% Idle". It will vary by computer, but my iMac Core 2 Duo from two years ago shows 97 to 100% idle.
  If it's significantly lower, like 85% or lower, go to the menu at the top of the Activity monitor window and choose "All Processes" from the pop-up menu there (not "All Processes, Heirarchically"). Now click a couple of times on the "% CPU" column header until the arrow to the left header points down. The processes that are taking up the most CPU time will be at the top.
  Again, if Activity Monitor is the only program open, the values will be pretty low, like less than 5% usually. Be careful, though, about just quitting processes via that program. It might be possible to get your Mac pretty confused if you don't know what you're quitting.
  charlie

• Kernal message: Could not enable ARP cache poisoning detection.

  Looking at system files in Console, for another issue, I came across this kernal message, which occurs at start-up: "*Could not enable ARP cache poisoning detection. Your computer will not be protected*."
  It's an intel Mac Mini running Leopard ( 10.5.8 ). I have Norton Antivirus for Mac 11 installed (I know, I know), which has ARP cache poisoning turned on in its "vulnerability protection" prefs. I've gotten no warnings of attacks from Norton, just this Kernal message at start-up. I've seen this issue on a couple of other threads with no answer or solution (except advice to Google it... duh!), already archived and accepting no new posts... so no help there.
  Is this ARP cache poisoning detection part of the OS, and if so, why is it not being enabled? Is there a way to enable it? Could the kernal message be telling me that the Norton protection is bugged and not working, or would it be OS related. The mini is a wired connection (ethernet), and there's one other laptop (macbook 10.4.11) using the modem/router ( Actiontec GT 701-wg) via wireless airport. I haven't seen this message on the laptop in console or system logs, but haven't looked hard.
  Someone, please respond with a knowledgeable answer, for me and for others who've asked here and on other forums with no helpful public answers given.

  Doing a "erase and install" of Leopard, thus dumping Norton AV 11, and then installing Snow Leopard... I haven't seen this Kernal message come up again, yet. I'll assume it was some buggy Norton related thing that cropped up after an OS update, but who knows. I'll leave the question open for a bit, in case anyone else has had this issue and found a reason or solution, and wants to share.

• ARP Cache Poison behavior by Apple TV

  Norton Anti-Virus reports blocking an ARP Cache Poison attack against my home network.  The reported source of the attack is the MAC number of the Apple TV on the network.
  Whether Norton is "reliable" is apparently contentious in the support community.  Several authors suggest, with authority, disabling Norton or the particular attack profile.
  Whether that makes sense depends on what the Apple TV is innocently doing to be profiled as a network attack. 
  Even when supposedly "asleep" the Apple TV is doing something that meets the profile of an ARP Cache Poison attack.  It did it every 30 minutes today, nine times yesterday, about 30 times day before and etc. 
  And if it is a design feature of the device, why is the device still performing despite having the activity continously blocked?  What is the purpose of this attack-like activity, assuming it is not an attack?  If it is an attack, how does one erase the programming initiating the attacks and still have an Apple TV?

  Short answer: it is a false positive.  I don't know exactly what causes it but I would guess Apple's Bonjour protocol, which is why you see something every 30 minutes.  That's just a blind guess, but seems to fit.
  Realize that a report of ARP poisoning wouldn't be likely on a private LAN, unless you got infected somehow.  No known malware like this for iOS devices (and much harder to insert one on AppleTV versus an iPhone or iPad.)  There are legitimate cases where ARP spoofing is used.  And even Cisco has instances where they say to ignore that warning:
  CSCsm25943—The meaning of the following error message on the controller is not clear. This message does not necessarily imply that any actual "ARP poisoning" is occurring. Rather, this message appears when a WLAN is configured for DHCP Required and a client (after associating to this WLAN) transmits an ARP message without first using DHCP. The client is unable to send or receive any data traffic until it performs DHCP through the controller.
  DTL-1-ARP_POISON_DETECTED: STA [00:01:02:0e:54:c4, 0.0.0.0] ARP (op 1) received with
  invalid SPA 192.168.1.152/TPA 192.168.0.206
  Workaround: Perform the following steps:
  • Verify that the client eventually does perform DHCP without undergoing an unacceptable outage. If the outage before performing DHCP is acceptable, then you can ignore this message.
  I'm not saying that Norton's message is the same as Cisco's.  Just that Cisco states that the meaning of why the message appears is not clear and sometimes is acceptable.  And Cisco is the world leader in networking technology so if they don't always know why you get an ARP poisoning warning....
  I won't go into the politics of "Norton bad" or whatever, but based on my experience (bias) with Norton in it's various forms for over 10 years, IMHO you can ignore this.  Hopefully you can configure Norton to selectively ignore this.  If not, you may have to use a different security program.  Me personally, I do not recommend any "security suites" because they cause exactly this kind of additional headache.  Just a "plain" antivirus program.  Windows has a built-in firewall and most people will be using a hardware firewall at the office or home so the firewall in the "security suite" is extraneous.

• ARP cache poison

  i hope that this is the correct forum, apologies if it is not.
  I constantly get a Norton "vulnerability blocked" notification because of ARP cache poison. I am assuming that this is a function of my OS, if not I will contact Symantec. Does anyone know how to get rid of this annoyance short of disabling Norton?

  Remove Norton. It's a known troublemaker on Macs and there's very little for it to find - no viruses and only a few easy-to-avoid trojans. See my [Mac Virus guide|http://www.reedcorner.net/thomas/guides/macvirus> for more information.
  If you're worried about your security on the network against hackers, make sure your machine is hidden behind a router. If you're using a wireless network, you're already hidden behind a router, but make sure you're using WPA encryption on that network with a good password.

• ARP cache poisoning detection disabled

  I recently checked all the messages in the console and found the following error message: Could not enable ARP cache poisoning detection. Your computer will not be protected. This message is logged every time I turn on the computer. I am assuming this problem started when I upgraded to Mac OS 10.5.6 since I have never seen this message before and it does not appear on my other machine that is still on Mac OS 10.5.5. Is anyone else getting this message?? Is there any way to resolve this issue so that my computer will be protected? Is Apple aware of this problem and is perhaps working on a fix??

  Do a google search for *'ARP cache poisoning detection'* and read the various hits.

• ARP cache poisoning error

  Hi all,
  I've googled and searched these discussions, but I can't find any pertinent info on this topic, so here's my question...
  While looking into another issue, I noticed that my system.log had logged an error that concerned me:
  *"Aug 4 12:03:52 localhost kernel[0]: Could not enable ARP cache poisoning detection. Your computer will not be protected."*
  This message appears to only be logged on startup, and has been logged numerous times.
  Does anyone know why this protection is disabled, and how I can re-enable it, if that's even possible (or necessary)?
  Thanks!

  Do a google search for *'ARP cache poisoning detection'* and read the various hits.

• What's the best antivirus for mac???should i use one or not??

  what's the best antivirus for mac?? and also should i have one on my mac or not???

  salar ip wrote:
  what's the best antivirus for mac?? and also should i have one on my mac or not???
  Mac's use a Unix based operating system and other controls that make it hostile for viruses to thrive.
  However it's possible to carry Windows viruses to other Windows machines by a Mac, also there might be some corruption if your dealing with a lot of Windows files.
  So all you really need is a scanner to run when you need it, something like the free ClamXav is good.
  http://www.clamxav.com/
  Apple includes a anti-trojan/malicious program type anti-malware service built into all latest versions of OS X, it works and updates in the background.
  There has been many attempts at trying to "trojan" or trick Mac users into installing rogue software on web pages. If you see soemthing like this, best to just Force Quit the browser by clicking on the Finder and selecting Force Quit from the menu.
  A alternative browser like Firefox will offer more protection.
  If you run your typical day to day operations on a Mac in what's called "Standard User", with a separate Admin User account, you'll need to update your Apple Menu > Software Update and your Apple Menu > System Preferences > Security > toggle the "Automatically Update Safe Downloads List" check box on/off about once a week.
  Standard User provides more security restrictions, but is also designed not to intrude into those who are less capable use of the computer.
  Third party plugins for your browser like Flash and Silverlight (used on Netflix) require a once a week check for updates.
  Use a free service like the Mozilla browser check here:
  https://www.mozilla.com/en-US/plugincheck/
  Always back up your personal data and never install programs that your not 100% you trust the source of.
  If you have any questions or suspicions, simply ask the opinions of the more senior users here on this forum.
  Good advice is not to install any anti-virus like Norton that demands the operating system remain a consistent state. Apple changes things all the time, which breaks software like Norton or OS X itself when a Software Update occurs.
  There are two great free 3D games, simply search for: Nexiuz Classic and Cube 2 Sauerbraten.
  If this information helped you, please click "Helpful" or "Solved" thank you.
  Good Luck and enjoy your Mac.

• Avast Antivirus for mac or Eset Cyber Security 6

  Considering many threats nowadays on the Internet, including malware related to false pages, phishing pages, Java threats, I consider important to count on a security solution.
  There are 2 of them I personally consider the best ones on the moment: Avast Antivirus for Mac and Eset Cyber Security 6.
  Well, considering two important aspects - detection (higher scores it's better) and performance (lower system usage resources - like processors usage - it's better).
  What is your opinion about them considering your experience?
  Which one would you choose?
  Thanks in advance!

  "Avast" is perhaps the worst of the whole wretched lot of commercial "security" products for the Mac. It's worse than the imaginary "viruses" you're worried about. Not only does it fail to protect you, it destabilizes and slows down your computer, and it sometimes or always corrupts the network settings and the permissions of files in your home folder. Removing it may not repair all the damage, and neither will Disk Utility or even reinstalling OS X.
  1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
  OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
  2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user, but internally Apple calls it "XProtect." The malware recognition database is automatically checked for updates once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
  The following caveats apply to XProtect:
  It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
  It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
  3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't necessarily been tested by Apple, but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. That may not mean much if the developer lives in a country with a weak legal system (see below.)
  Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
  It can easily be disabled or overridden by the user.
  A malware attacker could get control of a code-signing certificate under false pretenses, or could simply ignore the consequences of distributing codesigned malware.
  An App Store developer could find a way to bypass Apple's oversight, or the oversight could fail due to human error.
  For the reasons given above, App Store products, and other applications recognized by Gatekeeper as signed, are safer than others, but they can't be considered absolutely safe. "Sandboxed" applications may prompt for access to private data, such as your contacts, or for access to the network. Think before granting that access. OS X security is based on user input. Never click anything reflexively.
  4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is presumably effective against known attacks, but maybe not against unknown attacks. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
  5. XProtect, Gatekeeper, and MRT reduce the risk of malware attack, but they're not absolute protection. The first and best line of defense is always your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
  That means, in practice, that you never use software that comes from an untrustworthy source, or that does something inherently untrustworthy. How do you know what is trustworthy?
  Any website that prompts you to install a “codec,” “plug-in,” "player," "extractor," or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
  A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
  Pirated copies or "cracks" of commercial software, no matter where they come from, are unsafe.
  Software of any kind downloaded from a BitTorrent or from a Usenet binary newsgroup is unsafe.
  Software that purports to help you do something that's illegal or that infringes copyright, such as saving streamed audio or video for reuse without permission, is unsafe. All YouTube "downloaders" are in this category, though not all are necessarily harmful.
  Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. If it comes from any other source, it's unsafe.
  Even signed applications, no matter what the source, should not be trusted if they do something unexpected, such as asking for permission to access your contacts, your location, or the Internet for no obvious reason.
  6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
  Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
  Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers.
  Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
  Follow the above guidelines, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself from malware.
  7. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, if they do any good at all. Any database of known threats is always going to be out of date. Most of the danger is from unknown threats. If you need to be able to detect Windows malware in your files, use the free software  ClamXav— nothing else.
  Why shouldn't you use commercial "anti-virus" products?
  Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
  In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
  By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
  8. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
  ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
  A Windows malware attachment in email is usually easy to recognize. The file name will often be targeted at people who aren't very bright; for example:
  ♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe
  ClamXav may be able to tell you which particular virus or trojan it is, but do you care? In practice, there's seldom a reason to use ClamXav unless a network administrator requires you to run an anti-virus application.
  9. The greatest harm done by security software, in my opinion, is in its effect on human behavior. It does little or nothing to protect people from emerging threats, but if they get a false sense of security from it, they may feel free to do things that expose them to higher risk. Nothing can lessen the need for safe computing practices.
  10. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.

• What is the best free antivirus for mac ox iBookG4?

  Hi,what is the best free antivirus for mac ox iBookG4?

  While no one may be bothering to write exploits in PPC code any longer, at least for Flash, that doesn't mean that there aren't any still floating around. The following doesn't specifically mention PPC/Intel, but that doesn't mean there weren't critical vulnerabilities being exploited for PPC in 10.1.102.64. I wouldn't want to take the chance.
  Critical vulnerabilities have been identified in Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.
  http://www.adobe.com/support/security/bulletins/apsb11-02.html
  And, from TenFourFox
  PowerPC plugins are unmaintained and insecure, and Mozilla is changing the plugin environment
  No major plugin is being maintained for Power Macs any more: Flash stopped updates with Flash 10.1.102.64 in November 2010, and QuickTime 7 for the PowerPC was decommissioned with the release of QuickTime 7.7 and OS X Lion in August 2011. (Tiger users have not had an update since QT 7.6.4 in September 2009.)
  Plugins have special access to the system. When they are instantiated by the browser, they run as if you were running any regular application, which is true even for out-of-process plugins (which were never available for 10.4Fx due to Tiger SDK limitations). Like any buggy or insecure application, they can be exploited or made to crash, and because the plugin runs within the browser, such methods can also be used to attack, spy upon or destabilize the browser as well. They have also been used to attack the network the computer is running on, and a well-crafted attack vector such as that example can run anywhere Flash does, including Power Macs. Because plugins load automatically by default when the page calls for them, your system could be exploited before you even notice.
  Many of these attacks can be mitigated, though not entirely prevented, by the use of add-ons that can block plugins from loading. However, there is still another problem apart from security: Mozilla is changing the environment and the technical requirements for how plugins interact with the system. These technical requirements are difficult to achieve with Mac OS X 10.4, and there are known graphical and compatibility bugs already. It is entirely possible that in the near future, extant PPC-compatible plugins will not function properly or at all.
  http://code.google.com/p/tenfourfox/wiki/PluginsNoLongerSupported
  Message was edited by: WZZZ

• Do we need antivirus for mac book pro?

  do i need antivirus for mac book pro?

  No.
  See Here  >  Antivirus Discussion
  More Info Here...
  https://discussions.apple.com/thread/4545776?tstart=0
  Mac OS X tends to look after itself...
  To keep your Mac Happy...
  See Here...
  http://support.apple.com/kb/HT1147
  http://www.thexlab.com/faqs/maintainingmacosx.html
  Mac OS X: About background maintenance tasks

• I am wondering if we need a antivirus for mac

  i am wondering if we need a antivirus for mac

  I suggest using third-party antivirus software in addition to the safeguards Apple provides.  I am not an expert on which packages are best. 
  Our company requires all employess to run virus detectors.  They do not specify which we need to run as long as we have one installed.  (They also don't require us to use a Mac but we all have chosen to have one.)  There are many good competing packages and so far as we know none of us have been infected without the antivirus software detecting it. 
  I use Sophos.  http://www.sophos.com/en-us/  It is free.  It has detected and disabled a few malware files on my Mac.