Via DailyTech.com
Apple last week released a massive security update package for their Mac OS X operating system as well as updates for the QuickTime player bundled with Mac OS X. The update fixes a number of security issues including a number of code execution vulnerabilities that could allow an attacker to compromise Mac OS X and run undesirable programs.
The update also includes fixes for Apples popular Quick Time player that could allow an attacker to use malformed media files launch denial of service attacks or compromise a users system. The update to QuickTime also improves the applications stability.
The Mac OS X update also fixes code execution vulnerabilities in AppKit, ImageIO, BOM, CFNetwork, ClamAV, CoreFoundation, Finder, FTPServer, FlashPlayer, LaunchServices, libcurl, Preview, QuickDraw and QuickTime Streaming Server.
Anyone have a breakdown on the time between fixes in the open source world and when they are fixed in OS X??
ClamAV and several of the other products are open source, and it is well known that vulnerabilities found in open source products are also found in their OS X couterparts.
This fact isn't something that Apple can afford to overlook. When open source products are patched, the details are handed to the bad guys. How long will that vulnerability exist in OS X before it is fixed??
No comments:
Post a Comment