Apple Patches Massive Holes In OS X
Trailrunner7 writes with this snippet from ThreatPost: "Apple's first Mac OS X security update for 2010 is out, providing cover for at least 12 serious vulnerabilities. The update, rated critical, plugs security holes that could lead to code execution vulnerabilities if a Mac user is tricked into opening audio files or surfing to a rigged Web site." Hit the link for a list of the highlights among these fixes.
Apple's own security update page (http://support.apple.com/kb/HT4004) lists these six; where did the Threatpost author get the number 12 from?
The Flash update is actually 7 vulnerabilities.
You just couldn't wait to post that, could you? FYI: every piece of software needs updates, and there is still always one piece of software that will be more secure than the others. I don't know if OSX is more secure than Windows 7, but both of them will continue to receive updates; that fact doesn't make either of them less secure.
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
The Flash update is actually 7 vulnerabilities.
Moral of this story:
Avoid Flash and you can cut the number of vulnerabilities approximately in half!
Sapere aude!
Has anyone driven a truck through these gaping holes? Anyone? Bueller? When OSX is suffering from a deluge of viruses from all these supposed gaping holes in its architecture, please come back and let us know. Because while every operating system has vulnerabilities, only Microsoft was kind enough to make those vulnerabilities accessible by system-wide scripting mechanisms that allowed millions of computer users the world over to be the subject of attacks from the hundreds of thousands of pieces of malware constantly fighting to infect Windows PCs. The count (for those who think a security vulnerability makes Apple's points about viruses invalid) is about one hundred thousand to 0. This is being very generous. So, yes, as a matter of fact, there are no viruses for Mac OS X. Not virtually none, not almost none. None.
Fiat Homos et Pereat Theos
So as we wouldn't count a problem with notepad as a Windows OS issue, so we shouldn't count ones for other OS's non-essential programs.
Not saying you're in this group, but a lot of people around here have no problem counting IE vulnerabilities against Windows.
So as we wouldn't count a problem with notepad as a Windows OS issue, so we shouldn't count ones for other OS's non-essential programs.
So far as I have seen, problems with user-space components such as Notepad are indeed counted as Windows issues. Which makes perfect sense, since Notepad is present out of the box, and the box says "Windows" on it.
Similarly, OpenBSD has a fork of Apache 1.3 in their base system. If a vulnerability is found in that, then surely it's an OpenBSD vulnerability (hence the difference between base system and ports).
If Apple ships the Flash plugin that way, then they have to deal with any security issues that may cause.