There are two important notices that have just come out about the potential security risks in QuickTime and Norton’s Firewall.

Apple’s QuickTime poses a much greater risk than Internet Explorer or Firefox due to inadequate patching by users. An analysis conducted by vulnerability tracker Secunia found that 33.1% of QuickTime 7 installs were not up to date with security patches. The same pattern found on consumer machines is thought to exist on business computers implying that many businesses may be at risk.

The disparity in security risk stems from our assumptions of what is a bigger security threat.

Users know browsers often have security holes, and updating them – particularly Microsoft products – is often a well-established habit that takes place on a known schedule. But Secunia’s data shows that outside of operating systems and browsers, users neglect regular patching. [Macworld]

Norton’s Personal Firewall has a serious vulnerability that gives hackers a means to inject hostile code into vulnerable systems.

Users of Norton Firewall products have been urged to update their software following the discovery of a serious vulnerability in the security package. The bug affects Norton Internet Security 2004, Norton Internet Security 2004 Professional and Norton Personal Firewall 2004 - later versions of the software are not affected by the flaw. Users of the 2004 editions should check the LiveUpdates for security fixes. Norton Antivirus is registering some false positives at the moment – a full update can be found here.

Via Macworld and The Register ; Tags: norton, quicktime, security flaws, software security flaws, security issues, security, norton firewall