Apple plugs 25 Mac OS X flaws

Apple has issued a security update for Mac OS X that addresses 25 security flaws affecting various parts of the operating system, including some third-party components such as the Kerberos authentication technology. The most serious of the vulnerabilities could allow an attacker to gain complete control over an un-patched Macintosh, Apple said in a security advisory. The update deals with another trio of zero-day bugs that were disclosed as part of the Month of Apple Bugs in January. While several of the vulnerabilities repaired by Apple's updates were previously known, it doesn't appear that any attacks exploiting the flaws actually occurred. Apple has released a Mac OS X security update each month this year. Last year, the company released two Mac OS X updates in the first four months of the year. The latest update is available through the Software Update feature in Mac OS X and from Apple Downloads.

News source: News.com

Report a problem with article
Previous Story

Yahoo jumps on carbon neutral bandwagon

Next Story

WinPatrol 11.3.2007

38 Comments

Commenting is disabled on this article.

anything made by faulty beings will in turn be faulty since a being cannot make something greater than itself. So, until God himself gives us a perfect operating system, there will never be a perfect operating system.

plus, if a perfect operating system were made, many in tech support would be out of a job.

Grr... I'm tired of idiots of arguing about the security level of Windows, OSX, GNU/Linux. They act like they're comparing flaws in their mothers. It's a friggin piece of software, not a close relative. Stop taking sides because they all have flaws. Stop touting one being better than the other because time will prove you wrong.

Totally agree.

Grr... I'm tired of idiots of arguing about the security level of Windows, OSX, GNU/Linux. They act like they're comparing flaws in their mothers. It's a friggin piece of software, not a close relative. Stop taking sides because they all have flaws. Stop touting one being better than the other because time will prove you wrong.

I was ashamed to be part of the human race when I saw all the fools criticisizing Microsoft on the ANI (cursor) flaw instead of being supportive and understanding (like they are when their favorite OS has a security problem and they rush to its defense).

Blehrg.

Caleb said,
Grr... I'm tired of idiots of arguing about the security level of Windows, OSX, GNU/Linux. They act like they're comparing flaws in their mothers. It's a friggin piece of software, not a close relative. Stop taking sides because they all have flaws. Stop touting one being better than the other because time will prove you wrong.

Well said...
Windows or Mac, it´s software.Flaws will always be there.

Wait, I thought OSX was perfect and didn't have flaws?

You might be tired of hearing 'the same thing', but I've been hearing uninformed morons blab on about Microsoft being 'evil' for years. People are only just starting to see Apple for who they really are - crap.

Isn't it true that Windows Vista was based on Windows Server 2003 and not on XP? So, in essence, Microsoft did scrap the old code and work from a fresh base.

Apple OS X has been proven to be the most insecure operating system, followed by Linux. Windows Vista has been proven to be the most secure.

Well if Microsoft said so, then I'm totally sold.

Secunia's reports also compile differently. Mac OS X vulnerabilities are all lumped under "Mac OS X". That's since 2003. Windows Vista, on the other hand, is brand new. 8 vulnerabilities already in a brand new product versus 101 since 2003 for OS X? I don't think Vista's going to fare so well.

Elliott said,
Well if Microsoft said so, then I'm totally sold.

Secunia's reports also compile differently. Mac OS X vulnerabilities are all lumped under "Mac OS X". That's since 2003. Windows Vista, on the other hand, is brand new. 8 vulnerabilities already in a brand new product versus 101 since 2003 for OS X? I don't think Vista's going to fare so well.

Well according to Secunia, there have been 98 OSX vulnerabilities, in the last 51 months. That's an average of ~ 2 per month.

Also according to Secunia, there have been 8 vulnerabilities in Vista, in the last 6 months (Vista was released in November). That's an average of ~ 1.33 per month.

The math seems to say to me that Vista's doing pretty good right now.

LMOA, when microsoft release 35 patches they get bagged out big time saying they are crap and their software is insecure, when apple does it, you all say great they are legends i can't believe they fixed all that in a month. the issue is they had the holes in the first place.

I believe apple is less secuire than microsoft and always has been, it's not there are no holes it's just who can be bothered hacking a mac, especially when it comes to patching issues microsoft is without a doubt the best. look it up if you don't believe me.

and no i am not a mac hater i actually admin both systems, and do not really have a preference. They both have issues in their own little ways.

You can't help but notice though that Apple puts out patches that fix flaws before they are exploited. Microsoft puts out fixes when outside pressure forces them to admit it's a problem. Big difference.

Mac OS is more secure by design, I can pull up half a dozen reports on the subject that I've seen written this year alone about it. It's UNIX, nothing Microsoft has written (or stolen) can even compare to the architecture. Tis just the way it is. I use both systems too, but Apple did the smart thing by junking decades old code and beginning fresh. I hope Microsoft gets the sense to do that too one of these days.

I can also pull up reports of attempts to hack into Macs. And the only success stories are with copies of the OS that are severely out of date and root access given to the hacker prior. I just can't honestly say the same with Microsoft products. But I'm not a hater, if Microsoft improves (Vista did not help them in this department) I'll gladly support them. They just gotta improve first.

AeronPrometheus said,
Mac OS is more secure by design, I can pull up half a dozen reports on the subject that I've seen written this year alone about it. It's UNIX, nothing Microsoft has written (or stolen) can even compare to the architecture. Tis just the way it is. I use both systems too, but Apple did the smart thing by junking decades old code and beginning fresh. I hope Microsoft gets the sense to do that too one of these days.

In terms of design and elegance, the NT architecture beats the pants off of UNIX; there's no reason why MS would want to rewrite NT. Microsoft's main problem is that they choose to maintain backwards compatibility. A lot of the vulnerabilities in Windows that are found are found in areas of code that are almost never used and are there solely for compatibility reasons.

It's like a beautifully crafted childrens fable. I think the karma gods are finally sitting down to say, "hey, why do all these apple fanboys think there OS is perfect....", I say it's turn-abouts-fair-play.

Holy cow, you people never let up, do you? Find me one person that says "Macs are flawless" on this board and you'll win a cookie.

PsykX said,
Pretty tired of hearing the same thing over and over...

ye well Im pretty tired of Apple always boasting about how secure OSX is despite all these exploits so I reserve the right to make the same lame joke everytime Apple releases security fixes.

Wow, in about a month they fixed all that... I wonder how many bugs from MOAB are fixed now. Some of them can't really be fixed by them (Like the VLC one...) but still...

VLC fixed the bug themselves... inside three days of it being posted ^_-

I'm really impressed with how on the ball Apple is being with security, 4 updates for 2007 in as many months. And it seems all they can do to Tiger is release maintainence patches. Which is why I still can't convince myself that Leopard won't be out until October. They're pulling our leg, it just doesn't make sense to push it that far out not with how fast Apple can roll out updates and fixes for engine level software on the OS.

AeronPrometheus said,
VLC fixed the bug themselves... inside three days of it being posted ^_-

I'm really impressed with how on the ball Apple is being with security, 4 updates for 2007 in as many months. And it seems all they can do to Tiger is release maintainence patches. Which is why I still can't convince myself that Leopard won't be out until October. They're pulling our leg, it just doesn't make sense to push it that far out not with how fast Apple can roll out updates and fixes for engine level software on the OS.


They haft to be thats all they got going for them.

PsykX said,
Oh, nice one, I didn't even hear about a new version of VLC. Worth the download I guess!

I don't think the fix merited a version change (By now there's got to be a newer version though, right?), but I remember seeing a news blurb on their main page about it. I got wind of the update from a blog which prompted me to get it.