Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Patches Massive Holes In OS X

Posted by timothy on from the well-it-wouldn't-be-polite-to-patch-windows dept.

Trailrunner7 writes with this snippet from ThreatPost: "Apple's first Mac OS X security update for 2010 is out, providing cover for at least 12 serious vulnerabilities. The update, rated critical, plugs security holes that could lead to code execution vulnerabilities if a Mac user is tricked into opening audio files or surfing to a rigged Web site." Hit the link for a list of the highlights among these fixes.

6 of 246 comments (clear)

  1. Re:A refund? by jgtg32a · · Score: 4, Interesting

    buyers remorse?

  2. Re:Cover your eyes by AHuxley · · Score: 3, Interesting

    Anything posted on some forum, whispers in an irc chat?
    Anything new floating around for a Mac running 10.6 that will do an IE and pop the browser/OS from a remote site?
    Most still need the user to enter his/her password as a application/codec.
    Mac are still safe to surf with for now.
    Macs have a list of malware and loggers, the pre OS 10 had lots too.
    But nothing in the wild to infect just yet with a site visit.
    If anything existed outside law enforcement, spooks and one off professional solutions, every Mac AV vendor would have a youtube vid up.
    A link to buy protection at a fair price after the 2 to 3 mins of safari getting infected after following a link and their product saving the day.

    --
    Domestic spying is now "Benign Information Gathering"
  3. Re:image format bugs by TrancePhreak · · Score: 3, Interesting

    Other companies got hit by those a long time ago and have since patched up their image libraries. Apple must have ignored it then and is now paying the price.

    --

    -]Phreak Out[-
  4. "MASSIVE"? by jjoelc · · Score: 3, Interesting

    I just wonder why the summary title says "MASSIVE holes..." when the original article "serious".. a bit of bias, perhaps??

    More realistically, this is just another security update. Find me an OS that doesn't have them, and for similarly "obvious" or "easily found/fixed" (hindsight and armchair hacking being perfect of course) and I'll either switch right away, or dust off the old TRS-80 from my closet to run it on.

    The way I see it, if you have a brain and use it while browsing, you are generally fine. But people are stupid. And if you are going to market your product to stupid people, you need to make sure you do everything you can to minimize the damage stupid people can do to others. (Stupid people generally deserve their own damages...)

    Now to start the debate over which company is more in the business of marketing to stupid people...

  5. Re:Cover your eyes by DJRumpy · · Score: 3, Interesting

    You mean the one with cheaper/slower celeron with less L2 cache, slower DDR2 800 Mhz memory, a cheaper/slower integrated graphics solution, no firewire, a cheaper battery, mono audio speaker, VGA Out Only, no bluetooth standard, no Cam standard, and no optical digital audio output?

    Comparable specs?

  6. Re:Cover your eyes by TheRaven64 · · Score: 3, Interesting

    Well, except get access to the authentication credentials for my Internet banking site and transfer all of my money to a numbered Swiss account as soon as I log in. Good thing it can't get at my Freecell high scores though...

    --
    I am TheRaven on Soylent News