Apple flaw count for 2007: 111 and counting
Summary: Apple has slapped another patch on its QuickTime media player to plug two serious security vulnerabilities.
Apple has slapped another patch on its QuickTime media player to plug two serious security vulnerabilities.
The QuickTime 7.1.6 update, available for both Mac and Windows users, addresses a pair of implementation flaws in QuickTime for Java, the architecture that provides APIs for developers to build multimedia into applications and applets.
The more serious of the two flaws could allow code injection attacks if a user is tricked into browsing to a malicious Web page.
The bug, reported by researchers from IBM ISS X-Force and Secunia, could allow instantiation or manipulation of objects outside the bounds of the allocated heap. "By enticing a user to visit a web page containing a maliciously crafted Java applet, an attacker can trigger the issue which may lead to arbitrary code execution," Apple said in an advisory.
The second flaw is a design issue n QuickTime for Java that could allow a Web browser's memory to be read by a Java applet.
"By enticing a user to visit a web page containing a maliciously crafted Java applet, an attacker can trigger the issue which may lead to the disclosure of sensitive information," Apple said.
The latest update brings the Apple patch count for 2007 up to 111.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
HAHAHAHAHA!!!
OUCH!!!!
Come on apologists, tell us all why this is no big deal!
Easy
How do you know?
But if you've never had anti-virus or anti-spyware, how do you know you've never had an attack?
[i]They find and fix any vulnerabilities before the bad guys.[/i]
Not quite right. They find and fix any vulnerabilities before ZDNet reports that the bad guys have exploited those vulnerabilities. Who says that the bad guys will tell ZDNet before they release an exploit?
[i]Get a Mac - Because patching 111 times before June is fun![/i]
At least they're finding and fixing them
so thats the mantra now
Sure enough, the beat changes now, they are fixing it.
Want the most secure, get Windows Vista. Want something just for show, get a Mac.
You sure about that?
really
Secure in what sense?
welll
on the other hand, you lame attempt doesn't take away from the story here....an average bowling score's worth of flaws in less than 6 month for Apple. See, the more they try desperately to catch up to Vista, the more they get hurried by Jobs and create very unhealthy software. Boy, i bet you can hardly wait for Leopard, with all of the things they are trying to match Microsoft on that one, you surely can expect another bumper crop of flaws later this year from Apple.
RE: so thats the mantra now
already paid a visit to a spyware infected Vista
installation that the guy had owned for less than a week.
Sure makes me want to replace my mac with a PC
running Vista.
But to be fair, I also have a PC here that has not been
infected with any malware. But then it is running BSD
and not Vista.
I have to say my Mac is for more than just show. I use it
for all my video and audio needs. And when I made the
transition to a Mac my productivity in both these tasks
went up tremendously. So say what you want, but I for
one have found that I get much more work done these
days.
And the Mantra stays the same. Most have never claimed
that OS X is impervious to attack. Just that it is far less
likely to be successfully attacked. And I do take comfort
in the fact that Apple seems to be fairly good about
getting patches out in a timely fashion. Not all the time.
but in this regard they are a lot better at it than MS is.
Yes, for show
Granted: Macs are better in that field. But I'd like my computer to let's me do all sorts of things, not just video and audio. Financial software, games, home entertainment integration?
I'll stick with my PC.
My thoughts
I know the day will come on the Mac, but it hasn't yet.
Now settle down. They are all only computers. Use the one you like.
Tiki, Home Theater Integration?
BTW, just to be fair, the XBox 360 does a better job with video, since it has a lot more high def available to it. Even then, it will forever be a video game system to me, and not a Media Hub like Microsoft wants me to believe it is.
Vista is very secure
Well my son ended up getting some type of hacking on our Dell. It is so secure
now that none of us can use it. My neighbor laughs at us because now we have to
either re-install everything or take it into a technicianto have whatever removed;
his Mac has never been hit at least in the last 5 years.
I am seriously considering a Mac!!!
Good for you.
C'mon, even a zealot...
As Wrong as could be.
The only possible argument against this is to arbitrarily "create" your own independent definition of what a virus is, claim the industry standard for what a virus is, is incorrect and your definition is correct, and then show how the OSX viruses reported in the wild do not meet your definition of a virus. And of course, thats just being an ass. But a few Apple Jacks around here have actually floated that lame argument and expected it to fly.
It does not fly, its an argument without wings and its just plain childish. OSX viruses have been reported in the wild, get used to it, its a fact. Oh, just in case your wondering, apparently Apple makes the argument that the industry standard for a virus is wrong and their definition is correct. And that makes them an ass. We don't allow MS to dictate what is and what is not a virus and we don't allow Apple to dictate what is and what not a virus. If you believe them, fine. Believe the world is flat for all I care.
OK, so a zealot like [i]you[/i]...
check this link:
[u]http://www.eweek.com/article2/0,1895,2139856,00.asp[/u]
You just don't get it.
Read what I said very very carefully, get an ENGLISH translator if you cant read decently and find out I never said Apple was less secure. GET REAL. OSX has had viruses in the wild. Get used to it its a fact.
If you were not sure an Apple apologist you would have got what I said; instead you just look for a way out, a way to make it sound like OSX and Apple computers don't get viruses. I agree, Apples are more secure then Windows. I have nothing against Apple products, in fact I think the quality is pretty damn great, but you pay more then I would for a custom built of superior quality and you cant play games and I haven't had a security problem since SP2 on XP and thats a few years ago so who cares. If security was a significant issue in even the slightest way I wouldn't even come close to purchasing an over priced Apple. I would just get a custom built PC of my exact specifications at about 65% the price of a similar configured Apple and install Linux for free as the majority of the open source apps are great and the OS and related applications are free. Linux is the security solution, not OSX. Windows is the ease of use and compatibility solution, not OSX or Apple. A custom built PC is the cost effective solution, not Apple or OSX. It doesn't matter what kind of solution you think you need; Apple takes no better then second place every time. Oh! Wait! There is one I forgot!! Apple wins one!!
Prestige! Apple are costly, unique, rare, and great quality so they sure scream prestige! But a quality custom builder who takes pride in their work will build and back a better box for less every time so in the real world Apple loses again.
TOO BAD. Get used to it and stop whining. Enjoy your "Apple Guy" commercials because its all you have.
What a terrible blog!
[i]I've used Macs since 1984, and I've been infected by some malware twice. Two times.[/i]
He says this as if it is a good thing. I've been using PCs since 1986 (DOS, Windows, briefly Linux, lots more Windows, back to Linux again) and I've been infected by some malware... never. Ever. I guess this proves that the PC is infinitely more secure than the Mac?
[i]However, by my reckoning of the installed bases for each platform, there should be many more exploits for the Mac. Depending on how you calculate the number?2, 3, 5 or whatever percent?shouldn't there be that corresponding percentage of viruses on the Mac in these lists?[/i]
Ah yes, I pretty much stopped reading after this. Only a [b]complete[/b] idiot brings up the linear marketshare-to-malware relationship through the 0,0 coordinate argument. Even someone with a bit of high school math understands that not all relationships are linear, nor do all of them go through the 0,0 coordinate. For anyone to use this argument shows complete ignorance and any other "conclusions" they put forth are immediately suspect. But, there is no shortage of Mac zealot idiocy as all of you seem keen to prove day after day.