Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Releases 'Highly Critical' Patch

Posted by Zonk on from the fill-your-bites-back-in dept.

Toothpick writes "Apple Insider reports that a new security update is available for download from Apple. This addresses issues identified in sudo, Safari, and OpenSSL among others. The gory details are, predictably, available on the Apple Info site." Commentary from ZDNet is also available.

6 of 96 comments (clear)

  1. This could wait a few months, right? by Golias · · Score: 4, Funny
    Why can't Apple just patch their...

    ... oh, they did? Before there were any exploits in the wild?

    Never mind.
    --

    Information wants to be anthropomorphized.

  2. Re:Apple? by jtshaw · · Score: 4, Funny

    Apple includes the BSD userland utilities, and while it does include some GPL'd software it does not require any to run properly. However, I believe we should petition them to starting calling it the "Mach based Darwin/BSD/Mac OS X featuring OSS Software by GNU, Apache, Postfix, Samba, ect."

  3. Re:Highly Critical? Huh? by Anonymous Coward · · Score: 5, Funny
    Highly critical? Why didn't my highly vulnerable mac get attacked for the last five years?

    You don't understand the Windows vs. Professional OS sequence for vulnerabilities:

    Professional OS:
    -Vulnerability found by white hat security world
    -OS Vendor informed
    -OS Vendor works on patch that both fixes vulnerability and doesn't make things worse
    -Vendor tests patch thoroughly
    -Vendor releases patch; world as a whole, including script kiddies, first hear about vulnerability
    -Users, trusting vendor's track record, install patch (see "doesn't make things worse" above)
    -Any exploit is too little, too late.

    Microsoft:
    -Vulnerability found
    -Microsoft informed
    -Nature of vulnerability leaks out to world as a whole
    -Microsoft shoves thumb up bum, waits 6 months
    -Exploit released
    -Microsoft shoves second thumb up bum, wonders about apparent discomfort
    -Microsoft eventually releases patch, may or may not make things better or worse
    -Frustrated people buy Macintoshes

    Simple, isn't it?

  4. Re:What a shock? by kmo · · Score: 2, Funny
    does Microsoft delay because the fix breaks too manyu things

    The reason Microsoft patches to IE take so long is that their quality control is so good. They view every web page on the internet with each new version of IE before releasing it. Of course, by they time they do, some of those pages have changed such that they break, but Microsoft isn't responsible for that.

  5. Re:These are serious.. but kudos for fixing them. by mmkkbb · · Score: 2, Funny

    notice that you didn't say "upgrade"

    --
    -mkb
  6. Re:Highly Critical? Huh? -- Explained by commodoresloat · · Score: 5, Funny

    You just don't understand what they mean by critical. I installed this patch and it immediately started complaining about all the junk on my desktop. Then it started berating me for my lack of sensible folder organization. It criticized my choice of web browsers. I turned on iTunes to drown it out and it started giving me a hard time about my musical choices. By the time it started in on my clothes I was sick of it, so I uninstalled the patch. I'll take the data insecurity so as not to put up with the emotional insecurity, but YMMV.