Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev

Apple patches Pwn2Own flaw in massive Mac OS X update

By | March 22, 2011, 9:20am PDT

Summary: Apple has shipped another Mac OS X mega-update with fixes for 54 security vulnerabilities, including one that was used to hijack an iPhone 4 device at this year’s CanSecWest Pwn2Own hacker challenge.

The Pwn2Own vulnerability, exploited by researchers Charlie Miller and Dion Blazakis, was originally billed as a flaw in MobileSafari but Apple says the issue exists in the way QuickLook handles Microsoft Office files.

A memory corruption issue existed in QuickLook’s handling of Microsoft Office files. Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution.

During the Pwn2Own hack, Miller used the iPhone 4’s built-in Safari browser to surf to a rigged Web site hosting a Microsoft PowerPoint document. Once the document was opened, Miller was able to launch the exploit and hijack the iPhone’s address book.

The new Mac OS X v10.6.7, which should be treated as a high-priority update, also fixes numerous issues that could allow remote code execution attacks via rigged image or font files.

[ SEE: Charlie Miller wins Pwn2Own again with iPhone 4 exploit ]

Some examples of the more serious vulnerabilities:

  • AppleScript: A format string issue existed in AppleScript Studio’s generic dialog commands (“display dialog” and “display alert”). Running an AppleScript Studio-based application that allows untrusted input to be passed to a dialog may lead to an unexpected application termination or arbitrary code execution.
  • ATS: A heap buffer overflow issue existed in the handling of OpenType fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution; Multiple buffer overflow issues existed in the handling of TrueType fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.
  • CoreText: A memory corruption issue existed in CoreText’s handling of font files. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.
  • ImageIO: A heap buffer overflow issue existed in ImageIO’s handling of JPEG images. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution; An integer overflow issue existed in ImageIO’s handling of XBM images. Viewing a maliciously crafted XBM image may result in an unexpected application termination or arbitrary code execution; A buffer overflow existed in libTIFF’s handling of JPEG encoded TIFF images. Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution.
  • Installer: A URL processing issue in Install Helper may lead to the installation of an agent that contacts an arbitrary server when the user logs in. The dialog resulting from a connection failure may lead the user to believe that the connection was attempted with Apple.
  • QuickLook: A memory corruption issue existed in QuickLook’s handling of Excel files. Downloading a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution. This issue does not affect systems prior to Mac OS X v10.6.
  • QuickTime: Multiple memory corruption issues existed in QuickTime’s handling of JPEG2000 images. Viewing a maliciously crafted JPEG2000 image with QuickTime may lead to an unexpected application termination or arbitrary code execution; An integer overflow existed in QuickTime’s handling of movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution; A memory corruption issue existed in QuickTime’s handling of FlashPix images. Viewing a maliciously crafted FlashPix image may lead to an unexpected application termination or arbitrary code execution.

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.

Disclosure

Ryan Naraine

The most important disclosure is of my employment with Kaspersky Lab as a member of the global research and analysis team. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.

Biography

Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content management technologies.

Prior to joining Kaspersky Lab, Ryan was Editor-at-Large/Security at eWEEK, leading the magazine's and Web site's coverage of Internet and computer security issues and managing the popular SecurityWatch blog, covering the daily threats, vulnerabilities and IT security technologies. He also covered IT security, hacker attacks and secure content management topics for Jupiter Media's internetnetnews.com.

Ryan can be reached at naraine SHIFT 2 gmail.com. For daily updates on Ryan's activities, follow him on Twitter.

54 security vulnerabilities? Yikes!
0 Votes
+ -
@Loverock Davidson
Yikes indeed, not to take away from Microsoft or Linux flaws, but didn't Mac OS X get a massive number of updates just days before the Pwn2Own contest as well?

Quote:
With obvious eyes on this year's CanSecWest Pwn2Own hacker challenge, Apple today dropped two major security updates for Safari and iOS to fix more than 60 vulnerabilities that could be used to hijack Windows, Mac OS X or iPhone/iPod Touch devices.
@Cyrorm

Safari was updated before Pwn2Own but not OS X. This is an OS X update
@maskman01

Quicktime is not Mac OS X yet it is listed in this Mac OS X update. But that is just arguing semantics. Obviously there were some flaws in the "Just works" OS, just like there are in all others. I just hope they weren't holding any of these fixes for more than a few weeks after they were done testing to ensure they didn't break anything else by fixing these issues.
0 Votes
+ -
Apple does not hold onto fixes
edtimes 22nd Mar 2011
@Cyrorm
They aren't like Microsoft that holds onto fixes until some predefined date. Apple releases patches as soon as they are ready. That is why you never know when the next patch is going to drop.
0 Votes
+ -
LOL! It's funny you actually believe this!
ye Updated - 22nd Mar 2011
@Cyrorm: Apple releases patches as soon as they are ready.

Because we know that 54 patches were all ready on the exact same date!

That is why you never know when the next patch is going to drop.

Which I consider unfortunate.
0 Votes
+ -
Do you have proof they weren't?
edtimes 22nd Mar 2011
Because we know that 54 patches were all ready on the exact same date

How do you know they weren't? Apple has publicly stated that they don't sit on patches and the record is a perfect one: Apple has never been hit with an exploit.

Which I consider unfortunate.

No, it keeps the bad guys guessing. This is a good thing. Again, Apple's security record is perfect so it is obviously working.
0 Votes
+ -
Common sense.
ye Updated - 22nd Mar 2011
@edtimes: How do you know they weren't?

Something that is absent in Mac fanboys.

Apple has publicly stated that they don't sit on patches and the record is a perfect one: Apple has never been hit with an exploit.

Another Apple fanboy equating lack of attention to the platform with security.

No, it keeps the bad guys guessing.

PWN2OWN would suggest otherwise.

This is a good thing. Again, Apple's security record is perfect so it is obviously working.

If by "maintaining a low market share" then yes, I would agree with you. Their security strategy is working quite well.
0 Votes
+ -
iPad has a huge marketshare
edtimes 22nd Mar 2011
iPad's marketshare is bigger than Windows 7's marketshare yet Windows 7 gets hit by FAR more malware than iPad does. Poof: there goes the marketshare argument!
@edtimes: iPad's marketshare is bigger than Windows 7's marketshare yet Windows 7 gets hit by FAR more malware than iPad does. Poof: there goes the marketshare argument!

You're grasping. I must say as the fanboys go you're one of the top cheerleaders!
@edtimes
>>iPad's marketshare is bigger than Windows 7's marketshare
Could you please prove it.
@Cyrorm yes they did, but the contest didn't allow any browser or platform updates after a certain date which was prior to the event. This was done to keep all OS and browsers on the same series of updates.
0 Votes
+ -
@Rama: Happily
edtimes 22nd Mar 2011
Could you please prove it.

iPad has something like 95% marketshare.

Windows 7 has something like 20% marketshare.

iPad has no malware attacking it.

Windows 7 has more than 100,000 pieces of malware attacking it.

Marketshare argument countered. Case closed.
0 Votes
+ -
Try comparing like to like.
ye Updated - 22nd Mar 2011
@edtimes: One can only install applications on the iPad through Apple and only after they've been vetted by Apple. Not so for Windows (or OS X for that matter).

Your desperation isn't helping you.

Windows 7 has more than 100,000 pieces of malware attacking it.

Really? That's Windows 7 specific malware which only targets Windows 7 and not all versions of Windows combined? Can you show me the data supporting these numbers?
@edtimes

For an Apple Fanboy you must be riding the short bus. You're trying to compare the iPad to Windows 7. ROFL! That's two different worlds. Tablet vs Operating System? ROFL!
@edtimes
You claim: "iPad's marketshare is bigger than Windows 7's marketshare yet Windows 7 gets hit by FAR more malware than iPad does. Poof: there goes the marketshare argument!"

Talk about grasping at straws! Talk about denial! Talk about ignorance!

For the record, these OS X v10.6.7 security patches did NOT make it yet into iOS which still is vulnerable! Duh.

And Windows 7 has sold over 300 million copies versus 15 million for the iPad. Duh!

Finally Windows 7 is much more robust than OS X even after these 54 critical vulnerability patches.

Just as Pwn2Own demonstrated for 4 years in a row...

~~~~~~~~~~
I can stand brute force, but brute reason is quite unbearable. There is something unfair about its use. It is hitting below the intellect.
~ Oscar Wilde

It is impossible to make people understand their ignorance; for it requires knowledge to perceive it and therefore he that can perceive it hath it not.
~ Jeremy Taylor (1613 - 1667)
0 Votes
+ -
A memory corruption issue existed in QuickLook's handling of Microsoft Office files. Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution.

Now they're spreading their germs to Apple. lol...
0 Votes
+ -
RE: Apple patches Pwn2Own flaw in massive Mac OS X update
michael56555@... Updated - 22nd Mar 2011
@Cyrorm
I updated my up until then fully patched Snow Leopard iMac with something like 575MB worth of patches a couple or three weeks before CanSecWest, then a week later had another smaller update. I remember the patch being larger than the SP1 on my Win7 computer.
@Cyrorm

You said "didn't Mac OS X get a massive number of updates just days before the Pwn2Own"

I said: "Safari was updated"

My point was merely that A Mac and Windows App was updated Safari and not OSX (which is an OS)
by making your typical circa 1995 ABM joke.

memory corruption issues existed in QuickLooks

Yeah, boy, Apple has a firecracker team of devs. Wooo weee.

OS X is one giant scab holding on with band-aids 1000 layers deep.
LOL.
0 Votes
+ -
They did an update, yes...
vulpine@... 22nd Mar 2011
@Cyrorm: ... but it was only one day before the challenge and the machines had all been 'frozen' two weeks earlier. That update didn't affect the outcome. However, that one and this one combined block the attacks used this year against OS X and the iPhone.
@Cyrorm No they are updates for Apple devices. Not Windows
0 Votes
+ -
@edtimes .. hey pal
thx-1138_@... Updated - 22nd Mar 2011
... some words of advice .. quit while you're behind.

That hole you're digging, at break-neck pace, ain't getting any shallower.
@Cyrorm
Quicktime is a system app in os x which supports all graphic apps. Quicktime player is not os x but quicktime is.
0 Votes
+ -
Poor bitter lunatic
LTV10 26th Mar 2011
@xuniL_z
So when are you going to put Apple out of business?

Don't you think you should adjust the propeller on top of that tin foil hat you wear?

lol...
bandaids...it just doesn't end with this piece of flawed OS.
Who would want an OS that is spackled and duct taped together as much as OS X? Seriously, unless you are going to deny the magnitude of its need for patching, then you can't argue it.
Windows 7 is vastly superior in all respects. Apple's hardware is good, but it ends there.
Maybe Apple should just get it over with and make a deal with MS and load Windows as the native OS.
It would be a hell of lot better, more secure and far less patched by many magnitude.
Holy God, OS X is like some redneck's trailer fixes....all duct tape, plastic covers over the broken windows and cardboard over the holes in the walls.
0 Votes
+ -
Band-aids on top of band-aids...
vulpine@... 22nd Mar 2011
@xuniL_z : You say that against Apple when Microsoft itself recently sent a patch that covered a Windows 98 vulnerability claiming, "We didn't really need it, the vulnerability is buried so deeply, but we wanted to play it safe." Windows 7 is still sitting on top of XP on top of 2K on top of 98 on top of 95 on top of Dos. When a company openly claims that a vulnerability is too deep to access, you really have to wonder how many layers of band-aids are covering that open wound.
0 Votes
+ -
Wrong, wrong, wrong!
ye 22nd Mar 2011
@vulpine: Windows 7 is still sitting on top of XP on top of 2K on top of 98 on top of 95 on top of Dos.

Windows 7, Windows XP, and Windows 2K are not based on top of Windows 98, Windows 95, nor DOS. I suggest you learn more about Windows because this shows just how clueless you are.
0 Votes
+ -
@Vulpine, wow, use windows much? 2k was built on completely different technology than win98, I will give you that XP win7 and Vista are built OFF of 2k, but hardly on top of, and M$ has a monthly update schedule not a quarterly one, which is what apple does MOST of the time, M$ also wrote of their OS themselves unlike apple who took a perfectly good OS (BSD) and turned it into the mess that is now OSX... I am a Linux user by choice, and even I have to admit that Win7 is vastly superior to OSX....
0 Votes
+ -
You wish.
baybayblacksheep 30th Mar 2011
Another who speaks of the idiot savant that is windows. If it weren't for Apple, Windows wouldn't have an operating system, or a mouse for that matter! Read a little before you open your mouth to ignorance. Just another copycat.
0 Votes
+ -
Why are we comparing iPad with WP7? Two totally different devices.
@Cylon Centurion 0005

edtimes is comparing a tablet device to an operating system.
Maybe he doesn't know the difference.
@Cylon Centurion 0005

The comparison is for those that say the 'market-share percentage' is what malware writers go for. Since Windows 7 (not WP7) has the big market-share on desktop/laptop systems that compares well with the iPad having the large share for Tablets.
@Mr_Dave: The comparison is for those that say the 'market-share percentage' is what malware writers go for. Since Windows 7 (not WP7) has the big market-share on desktop/laptop systems that compares well with the iPad having the large share for Tablets.

I have seen no Windows 7 specific malware. Just malware that runs on all versions of Windows. So trying to single out Windows 7 (which likely has less malware than XP) is foolish.

Even worse is the comparison of a closed platform where the vendor vets each application before it can be installed and an open one where any software can be installed.

Put simply: It was stupid.
0 Votes
+ -
@Cylon Centurion 0005 : It's not really two different devices.
0 Votes
+ -
Please read the OP's post again.
Wolfie2K3 22nd Mar 2011
@vulpine@... He wasn't comparing Windows Phone 7. He was comparing Windows 7 to the iPad (iOS).

Big difference there, hoss.
0 Votes
+ -
Apples to snails.
baybayblacksheep 30th Mar 2011
Yuppers, it's like comparing apples to snails.
Rama.NET - Could you please prove it.

edtimes - Happily
iPad has something like 95% marketshare.
Windows 7 has something like 20% marketshare.
iPad has no malware attacking it.
Windows 7 has more than 100,000 pieces of malware attacking it.
Marketshare argument countered. Case closed.

excellent proof there edtimes - especially when you use "something like" in your statements. Face it, your pet OS/Phone/Company is not perfect, something that most people already knew. Sorry to break your heart.
0 Votes
+ -
I could clarify his point
vulpine@... 22nd Mar 2011
@dev/null
* iPad currently holds between 75% and 85% of the tablet market share
* Android currently holds between 15% and 25% of the tablet market share.
* WP7 devices hold 0% of the tablet market share.
* Symbian holds something like 35% of the smartphone market.
* Android holds something like 30% of the smartphone market.
* iPhone holds something like 25% of the smartphone market.
* RIM holds something like 10% of the smartphone market
* WP7 holds less than 1% of the smartphone market.
* Windows in general holds something like 75% of the full-OS market. Millions of viruses and malware attack Windows even today. Latest report I saw stated that an unprotected Windows machine is infected within 10 minutes of going online, even without email or web surfing.
* OS X has about 20% of the full-powered OS market. Total viable attacks against OS X can be counted on two hands, if that many. A machine using OS X can go online without protection and remain uninfected indefinitely--for now.

No, no OS/brand is perfect--that's why they put out security updates--but OS X is effectively more secure because there are effectively no viable exploits being used against it. Again--so far.
@vulpine@: No, no OS/brand is perfect--that's why they put out security updates--but OS X is effectively more secure because there are effectively no viable exploits being used against it. Again--so far.

Just because there are no viable exploits doesn't mean there can't be. Again: Given OS X's small market share (no it's not 20%, try ~4%) why target 4% (or even 20% if we're to use your erroneous number) when you can target 96% (or 80% if I again use your erroneous number)?

People much smarter than you or I easily compromise OS X when there's incentive. They've even stated it's slightly less secure than Windows.

Simply put: OS X is not targeted because it has a small market share.
0 Votes
+ -
Neither does a plethora of exploits...
vulpine@... 22nd Mar 2011
@ye: ... indicate an insecure system, right?
I said 20% and I meant 20% for OS X and I can prove it. I also meant 50% for Windows. The erroneous numbers are yours unless you can prove otherwise with a recent report.
http://techcrunch.com/2011/02/27/apple-versus-microsoft-share/
0 Votes
+ -
@vulpine
ego.sum.stig@... 22nd Mar 2011
I wouldn't bother with chaps like ye. You're essentially arguing with people who believe gravity ejects you from the planet and choose not to notice that their worldview is just a little bit flawed.
@vulpine:

"In February of 2007, 83.24 percent of users visiting TechCrunch did so from a Windows machine. One year later, in February 2008..."

...world wide market share?

Not convincing, how about this:

"In four years, Windows share among TechCrunch readers has fallen 30 percentage points. That's incredible."

My how desperate you've become.
@ego.sum.stig: It would have saved you from looking like such a fool.
  • Flagged
0 Votes
+ -
@ye
ego.sum.stig@... 23rd Mar 2011
You're a one track record mate, and one that's worn down to static.

In the odd wee occasions I bother looking at zdnet and see a post by you, you're always rabbiting on about how no one has anything credible to say or any credible backing for anything they post, calling them fools for not salivating in fawning agreement to your babble.

That's basically sad and pathetic.
@edtimes, username894

Not to mention that the iPad has a high share of the *tablet* market. Do you own a tablet? I don't. I own four computers -- a netbook (tablet market?) w/ Windows7, two linux boxes and another windows 7 box. Oh and another laptop with a perma-dead battery also on Win7.

If you look at adoption rates of Windows7 compared to the adoption rates of all OSes and compare that to the adoption rates of the iPad to all tablets, you might have something.

HOWEVER, some of the cooler new malware is following the industry trend of platform independence... meaning that your credentials can be hijacked, your mail read and your file-system exposed regardless of your OS.

Just because *you* don't run across malware on *your* Mac doesn't mean it's not there. I run my Win7 Laptop without antivirus or anti-malware and manage to keep it clean by not visiting untrusted sites and not downloading and executing much from the internet.

While there isn't a lot of malware for mac products, you would be surprised by the stealthy spyware and ransomware available. While bigger in Russian markets, it is becoming popular: http://www.techrepublic.com/photos/mac-os-x-ransomware-hype-or-real-threat/403883?seq=4&tag=content;photopaging#photopaging

My 2 1/2 cents.
0 Votes
+ -
Why are 90% of ZDNET News alerts about Apple and ipads... Apple ships less than 10% of all PC's worldwide.
The corporate world is full of HP's and Dells...and SERVERS...and NETWORKS...and SAN's

yet all I read is what appears to be some geek (probably from somewhere in Academia) extolling the virtues of what is little more than an Etch-a-sketch with cute graphics...
0 Votes
+ -
@fshephe Have you actually scanned every zdnet article? Try that, if you actually have the time and watch that 90% drop below 20%. Yah I know that wasn't your point.

IMO, these articles are here to shine some light in the eyes of most OS noobs; especially Unix derivative users.
Geeze, okay everyone. Of course Macs have already been hit. You need to delve further back and read up. Of course not on a scale such as Windows. It appears the Windows and those of us that know and use most major OS's have the logical argument. But first, the fact Apple is patching so many holes shows that they are there and that the OS can be exploited at any time. It also logically can be assumed that there are just as many more unplugged flaws in OSX yet to be discovered.

The marketshare argument is the most valid in as much as most people attack systems that will garner attention. These days, they are attacking specific servers and OS's that belong to major companies to make a statement that will be big news. Not many major companies and governments use OSX, so why would a hacker even go there?

And of course not, Apple sits on patches, that's fairly obvious. They weren't all ready on the same day, that's obvious. People are too gullible.
