Slashdot Mirror
Apple Mac OS X Update For 17 Vulnerabilities
BSDetector writes "Apple has released fixes for 17 OSX vulnerabilities, ranging from system takeover to denial-of-service attacks. It was the fifth security update released this year. It also marked the first time this year that an operating system security update from Apple did not patch a vulnerability disclosed by the January Month of Apple Bugs project. Today's update pushed Apple's year-to-date patch total to over 100. More than one of the affected flaws were called 'critical' or 'dangerous'."
All systems have vulnerabilities.
Macs have no EXPLOITS (yet).
This lack of exploits, and thus they need to spend tme preventing/dealing with them, is the selling point for Macs.
You Windows people have been ever confused on the fine distinction, I guess because on Windows if there's a vulnerability there's an exploit already written and working. Us Linux and Mac users know life can be better.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Which OS doesn't have security vulnerabilities? For every single significant OS, the updates keep on coming. What matters is a good enough secure foundation - Apple and Linux have had that since long - they don't make users run as root.
Backend - Again, you are wrong - BSD is as best as it can get when you are talking about backends. And if it wasn't for Steve Jobs Apple would not have had OS X at all - It is based on NEXTSTEP ( http://en.wikipedia.org/wiki/NEXTSTEP ) and without it they would have either had to live with something not up to the mark or license WindowsNT. And most people buy macs for OS X and some for the hardware quality.
...and the bubble of no 0-day exploits on OS X is just waiting to burst.
Yeah, and when they do - then I'll be just as poorly off as Windows users are today! So until that day, why not be better off?
Only I won't be doing as poorly as Windows users, because it will take a long time for Mac or Linux exploits to catch up to Windows exploits numerically.
Sometimes. Not always. See last month's patches. None were 0-day.
That you know of...
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I guess it was a hit job which blindsided Telestream's Flip4Mac, Panic's Transmit, Colloquy's Colloquy, Unsanity's Application Enhancer, and the open sourced VLC as innocent bystanders in their vendetta against Apple, so at least six non-Apple branded programs were thrown in to fill out the month. Day 31 has a "filler", meaning that it's just over three weeks' worth of Apple Bugs.
There may be some legitimacy to the complaints that Apple was unresponsive, but I agree, to bring in flaws in third party products to the mix is beyond irresponsible.
It doesn't matter how long it takes to patch an exploit, as long as it is patched before it's used in a virus or other attack on a system. There are currently no OS X viruses in the wild that can attack a Mac in a meaningful way (there is a proof-of-concept one that requires the user to install it). Compare that to the tens of thousands of Windows OS viruses and worms exploiting security holes without requiring the user. Given that, I'd say that Apple has an excellent track record when it comes to patching vulnerabilities.
...how long has Unix existed? How many threats in the wild exist compared to oh, say, Windows? How many web servers run some variant of *nix compared to Windows and, of those servers, how many are affected by exploits and threats almost daily?
Yeah, bring that myth of "smaller user base means less of a target" one more time. I could use another good laugh.
Yes, they can. You see, Mac users do not all speak with a single Borgified voice. There are some Mac users that believe the scarcity of exploits is due to the better design of a Unix base. And there are actually other Mac users that believe the smaller market share makes Macs a less attractive target. Amazingly, there might even be Mac users who change their beliefs according to argument and observation. What chaos!