Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Patch Released, But Is It Enough?

Posted by ryuzaki0 on from the conflicting-viewpoints dept.

entenman writes "Apple Computer's security update train rumbled into the station with fixes for a whopping 43 Mac OS X and QuickTime vulnerabilities. The Security Update patches 31 flaws in the Mac OS X, most of them serious enough to cause 'arbitrary code execution attacks.'" Unfortunately, InfoWorldMike writes "InfoWorld.com reports that Independent researcher Tom Ferris said there were still holes in Safari, QuickTime, and iTunes that he reported to Apple but were not patched in the latest release on Thursday. Ferris told InfoWorld he is considering releasing the details of the unpatched holes on May 14 on his Web site. He also says he has found new holes in OS X affecting TIFF format files and BOMArchiver, an application used to compress files. He did not provide details about the flaws or proof of their existence."

4 of 338 comments (clear)

  1. Quicktime? by DeadPrez · · Score: 0, Offtopic

    Its all about VLC. It sometimes works kinda weird on my mactel but its a pretty good Quicktime replacement.

    1. Re:Quicktime? by ImaNihilist · · Score: 0, Offtopic

      But what if you *gasp* really like QuickTime? It's strange, as a Windows user, that I actually like QuickTime despite the fact it constantly crashes in Windows, on websites, and is slow as crap on Windows XP. It's very streamlined and simple. I prefer it loads over WMP. The lack of draconian DRM is a plus too.

  2. Re:non-NX CPUs irrelevant, not shipped by Apple by suv4x4 · · Score: 0, Offtopic

    The Core Duo and Solo CPUs support no-execute. The vulnerability does not lie with the CPU, it lies with Apple failing to use that capability of the CPU.

    I love it when people repeat what I said in attempt to argue :) See again what I said and compare it to what I quoted from you.

    Having to rely on hacks from a 3rd party is a bit of a security risk itself. Sure it will be loads of fun to get Mac OS X running on a homebrew system, but these system will be novelties and fun topics of conversation, very rarely will they have serious users.

    I'd say put your shit together. We're talking hackers here. You think they will be confused in installing and using OSX when there a simple quide with steps and installations all over the web? My dog can install it.

    And you can bet that if they find an exploit in Safari from hacked OSX 10.4, it'll work on Safari from original OSX 10.4, since the hacked components are related to the BIOS support and the TPM chip, and nothing to do with 99.99% of the OS.

  3. Re:Security by oscurity by Scudsucker · · Score: 0, Offtopic

    I'd look into it, no matter how oscure it is.

    Typo, or attempted irony?