New Remote Root in Mac OS X

Cysgod writes "I've released a security advisory detailing a new remote root vulnerability in Mac OS X 10.3, 10.2 and possibly earlier versions." The main thrust is that it exploits a problem in the DHCP client, to gain root access, and turning off various services can prevent attack. It is unclear why an exploit was made public before Apple resolved the problem. Apple's fix is apparently scheduled for a December release.

Oh please, spare us your generalizations!

You said: "Maybe so it wouldn't be swept under the carpt, like ALL other Apple security problems."

Give me a break. That is anything but a true statement, and one born of prejudice. Apple, Microsoft, those hardworking folks making Linux better all recognize that flaws exist in software and work hard to do something about it. Software by nature is large and complex, the product of human efforts. And as such, it will not be perfect. For all the hard work of programmers throughout the world, mistakes will happen. But companies like Apple work hard to correct them quickly. If you develop software like I do, you will understand that you can't just issue a patch and expect the problem to stop. You have to test the patch thoroughly to make sure that it does not create unintended problems of its own. To say that Apple sweeps security flaws under the rug is an insult, not only to Apple, but to any developer that has to correct the problems of an exploit. Save your venom instead for the jerks and script kiddies who are the real problem, not Apple.