In Massive Patch, Apple Mends Roughly 90 Security Vulnerabilities

Source: information week

In one swing, Apple unleashes a tally of security updates that nearly surpasses all of the patches it released last year.

In Security Update 2008-002, Apple is fixing 87 security flaws that span 30 separate applications, a number of functions in OS X, as well as other platforms that range from Apache to X11.

This service pack-sized patch follows on the heels of an update to both the Windows and Mac versions of its Safari browser, with fixes for more than a dozen vulnerabilities.

The flaws in question create the usual software hazards, such as buffer overruns and the ability to inject malicious code into an unpatched system.



Read more: http://www.informationweek.com/blog/main/archives/2008/03/in_massive_patc.html

---

ahem...

seems like everybody's shit stinks

As Macs capture a larger market share, they will probably become more vulnerable to viruses, etc. They no longer off the radar screen of hackers.

want money to work that hard.

The problem is, it won't do anything worth going to the effort.

The UNIX operating system (yes, Mac's run the UNIX kernel) is inheritantly paranoid. It was written by security people jealously guarding corporate data. Apps don't talk to each other by default and they're not allowed any privileges worth going to the effort of trying to corrupt them.

Windows, however, was designed around the concept that apps must talk to each other. That's how windows viruses do so much damage. The virus comes in on email, next thing you know it's gotten into your database, rewritten all your spreadsheets, gotten into the user database and who knows what else.

Market share has more than doubled and Apple is the #1 Laptop maker.

Where are those viruses? I'm waiting.

yet microsoft people keep saying what you are.

OS X has no flaws, it is immune to virii and hacking :)

How many times a year are there widespread outages due to Windows attacks?

Patches are one thing. Windows vulnerabilities are breached all of the time.

When you have 90% of the market share, people tend to gravitate towards hacking your system. Apple has the luxury of flying under the radar for the most part with under 10%.

As that number rises, which it will, the number of attacks on OS X will increase as well.

That's one of the reasons the Mac is Rock Solid.

At it's core, it's FreeBSD.

OS X uses the Darwin kernel which is derived by some amount from FreeBSD but in a larger amount from NEXTSTEP which was derived from the Mach kernel (which was also adopted by BSD and in turn adopted by FreeBSD.) So, FreeBSD was derived from much of the same code that OS X is derived from but you can't call OS X a descendant. You could almost think of them as siblings and FreeBSD as the older of the two. They both inherited most of their traits from their parents but OS X picked up a few unique things from it's older FreeBSD brother.

http://en.wikipedia.org/wiki/NeXTcube What Steve Jobs was doing when not at Apple or Pixar. Ross Perot played a part in this company

Microsoft releases security updates often as well. They just consolidate the majority of them to once a month.

It's not the patches that they fix that makes it Rock Solid, it's the vulnerabilities that they don't find first.

You're right. Microsoft releases "massive" security updates as well.

I'm sorry, but I don't care how large or small one's market share is over the other. There's a vast army of anti-Macolytes out there who would poke a hole in OS X just so they could laugh about it for once on the Internet. They can't do it.

By comparison, in 2004 an unpatched Windows XP machine had an unexploited life expectancy of less than twenty minutes. And that's the tolerable operating system Microsoft has to offer, the one which makes its previous and subsequent offerings look like the pieces of shit they are.

No, man. Microsoft has a big, big problem, probably borne of its ruthless success in carving out its monopoly. To accommodate everyone, they accommodate everyone including the writers of bad software, the makers of cheap, untested, and easily exploitable hardware, and the script kiddies. To their credit, they're now at least acknowledging the problem by requiring tighter driver writing in Vista, but that'll only last until they're overwhelmed, if they aren't already.

I'm telling this to all of you, the NSA, and probably half of Nigeria, from a Windows machine.

That's common sense.

Have you heard of the "Month of Apple Bugs" last year?
http://projects.info-pull.com/moab/

That proves that if you set your mind to it, you can uncover holes in even a Mac.

BTW, I that link you referenced was pre-SP2. Everyone would agree that before SP2, Windows XP was a horrible insecure mess. However, after SP2 was released, it became resistant to such attacks out of the box, so you would have time to update.

Yes, MS had their share of problems, but most of it comes from their hand being forced by other companies and having to support legacy software or risk losing them as customers. Apple had the luxury of being able to toss out their old system entirely and replace it with a *nix based one, and a backwards compatibility layer (similar to the 16 bit MS compatibility layer).

Especially on the issue of why MS has the problems they have. But I still maintain that the Apple OS is standing up much better to attack than MS is or ever has. That is their luxury, as you put it, but it doesn't take away from the achievement.

(By the way, I don't even like Macs that much. I build my own computers and can't afford Apples even if I did want a one-button mouse. But Microsoft's proven track record of lowest-tolerable-quality still pisses me off to no end. One day soon, I'm gonna pay for something better--or pay nothing for something better, if those penguins ever crank out something an idiot like me can use.)

I just hope that will stay the same as they grow larger. My only beef with Apple is that they are far too restrictive and refuses to support open formats in favor of their own format. I don't appreciate other companies telling me what is best :)

I personally run Ubuntu for my main machine, and dual-boot OS X and Vista on my Mac Mini. Plus Vista on my laptop.

Linux would be awesome if it wasn't such a pain in the ass to tweak and get it working the way you want. Out of the box it's OK, but once you want to do something advanced like, say, install VMware, or install something that's not in the repository, it can easily become a pain.

I'd really like to still use 3-D and illustration programs like DAZ3D and Photoshop. Would I have a chance with it if I used Ubuntu? Is the performance hit too big?

I'm not really keen on learning something completely new if it can't deliver what I want. That's really the only thing holding me back at this point.

Wine has some capability to do that, but I'm not sure how much or how well. I know that you can't accomplish it in a virtual machine such as VMware or VirtualBox. They don't do any 3D.

The 3D in the OS is great though. I'm really happy with Compiz.

Installing vmware player on ubuntu was pretty easy. Literally I just did aptitude install vmware-player Then hit enter a few times to accept all the defaults. run it with a vmx and "it just works" :-)

a windows machine for their home computer over a MAC is beyond me. Ive had MACs for 5 years now...no anti virus software...no bluescreens...no defragin discs...none of that crap. IT JUST RUNS. The operating system, as I understand is based off the unix system developed and used by the scientific community for decades. It is quite stable and quite secure.

Windows just sucks as an operating system. Apple is doing the right thing to keep it secure but I dont think we'll ever see virus attacks on MAC like windows simply because the operating system is far, far superior.

never once had a virus. when i can load my racing sims on a 'nix box, maybe then i'll consider making the switch.

I run strictly Linux and OS X at home and I am a gamer. You just have to know how to make what you want happen. I was playing NFS Carbon under Linux just the other day.

perhaps I'll set up a dually and load up some 'nix, see if it'll run rFactor.

I haven't seen a blue screen since windows me (that was, I freely admit, an enormous pile of shit) and the anti-virus and defrag stuff all runs in the background, and since I'm not a complete moran and don't download stupid crap, my anti-virus never finds anything (total virus history, with windows machines dating back to the mid 80's- one virus, on a shared work computer with XP, easily removed.)

Of course I am a professional.

Windows just sucks as an operating system.

I take it you haven't used any of Microsoft's recent server OSs. My present home system is Windows Server 2003 with the free VMWare Server running on it. I built it last May, and I have never had any problems at all other than finding a printer driver.

Wanna see a Mac user pitch a shit fit? Start a thread that shows that FreeBSD or Mac <insert exotic jungle cat name here> is subject to security vulnerabilities as well. Fun for the whole fambly!!!

has major stomach problems which cause it's shit to smell worse then the rest. Have you ever walked into a bathroom after somebody and though they left an entire sewer behind for you? That is Windows.

I've never been affected by any security problem and have never know another user to be affected either.

That's my idea of fun.

i've had them on my network before. i even set up a triple-boot with XP, Vista, and X386. everybody love everybody!

you will never be affected by a virus.

Of course, if you parade down the skankyest street in the city and have unprotected sex with every hooker in sight, you're about as bright as the majority of computer users.

So Macs come with a built-in condom called bsd/nextstep/whatever, which does help. But you can accomplish the same thing with completely free and easy to use tools in Windows as well. Free firewall, free AntiVirus, and about a day or two of reading on how to properly use it.

I updated my OS a week early.
Did the download while I read the thread - very funny stuff - installed, restarted and am back online in about 15 minutes.

Unfortunately with OSX you need to regularly reboot when they deliver quicktime again because they found another security hole or bug.

Although, the instances of needing to reboot in Linux are few and far between.

But really, what is the issue with rebooting every week or two? It's really not that hard. You can go have a cup of coffee, or walk outside for the 2 minutes that it takes for your computer to reboot. Unless you're running a server it shouldn't be a problem.

OSX every couple of weeks. For a laptop that spends it's unused time in sleep mode it is annoying as it means you have to re-open all your applications. OSX has just as many annoyances as Windows and the only reason it isn't targeted by malware is it isn't widespread enough yet. The regular security patches for quicktime show that there is definately ample scope for viruses et al.

Ubuntu throws those your way more than once a year.

What are these updates? Is there a list somewhere of linux security updates that require a reboot? It would be interesting to compare different OSes. I like that you can install/update almost anything in linux without needing to reboot. Windows is much better than it used to be and on a par with OSX for that.

And I had the option to do the install and not restart until I was ready to.

Picky, picky, picky.

Unbelievable this is even an article. Hello, Microsoft, Dell? Getting worried or something?

Maybe not massive file size, but massive in terms of an update. Microsoft releases maybe 2-3 patches a week usually (don't quote me on that, just my estimation).

The funny thing is, if MS released 90 patches all at once, Linux/Mac users would be shouting how horrible and insecure Windows is.

BTW, I use Mac/Ubuntu/Vista/XP at my house. Each OS has its ups and downs and is better at certain things.

and many are for third party software. However, the MS machines at the office are always needing updating,whilst as my Mac at home needs much less.
By the way, don't forget to download Excel patch for math errors.

All it takes is another quicktime vulnerability and thats an automatic 60mb download isn't it?

http://itnews.com.au/News/72401,windows-vista-sp1-wreaks-havoc-on-some-pcs-users-complain.aspx


Windows Vista SP1 wreaks havoc on some PCs, users complain

By Paul McDougall
20 March 2008 07:28AM

A day after it was released for public download, Windows Vista SP1 is drawing barbs from some computer users who say the software wrecked their systems..

"I downloaded it via Windows Update, and got a bluescreen on the third part of the update," wrote "Iggy33" in a comment posted Wednesday on Microsoft's Vista team blog.

Iggy33 was just one of dozens of posters complaining about Vista Service Pack 1's effect on their PCs. "What a disaster," wrote "SeppDietrich" of the update. "It exiled all my Nvidia drivers to the Bermuda Triangle."

No problems with the updates to OSX. It seems to have fixed some issues with Safari. If I keep several tabs open for ten to twelve hours, it would some times crash.

I made the updates last night without a hitch... and it was fast.

for lesser sites.

I can't wait... I'll be able to paint and illustrate and model in 3d with ease.

I'd get my car fixed.

America's on Windows and Unix servers...

Does mac even have servers?

The windows servers are practically the same os as the work stations. Of course hackers are going to focus on them. Unix and linux are full of holes too, but I love them anyway.

And yeah I'm a win2003 and unix server admin. I'm just mistified why I would ever waste my time breakign into a mac. Home user info, ooh ah, gee pics of kids.

A quick glance at Mac commercials tells you all you need to know: if you're not endlessly and forever editing your own movies and posting your billionth picture to your snarky webpage, but instead need a serious productivity box on which cutting edge software runs, you need a PC.

a Mac Laptop. Macs have been big in the music industry for a very long time. They pretty much revolutionized the industry down in Nashville. The musician was able to do everything from the raw recording to the label design on one machine. They could set up their own studio for near what a four track demo would cost at Jack Clement Studio.

Apple is big in the medical imaging field.

The unimportant stuff on a home computer is very important to that home owner. Stop being so elitist.

Apple Servers
http://www.apple.com/xserve/
http://www.apple.com/server/macosx/
http://www.apple.com/xserve/technology/server.html

Windows and Linux clients welcome.
Xserve isn’t just for the Mac anymore. With out-of-the-box support for Mac, Windows, UNIX, and Linux clients, Xserve is the easiest way to provide powerful, innovative network and Internet services for multiplatform workgroups. And there are no client-access licenses, which means no extra fees. Leopard Server supports 64-bit addressing and large LUNs without requiring you to buy a special enterprise version.

Raid

http://www.apple.com/server/storage/

And most of the software I use isn't available for the Mac.

for small shops, and powerful enough to top line productions.

Films edited using Final Cut Pro The Lord of the Rings used iPods to transport the raw footage to the studios.


The Rules of Attraction (2002)
Full Frontal (2002)
Cold Mountain (2003) (Academy Award Nominee for Best Editing)
Intolerable Cruelty (2003)
Napoleon Dynamite (2003)
Open Water (2003)
The Ladykillers (2004)
Sky Captain and the World of Tomorrow (2004)
Super-Size Me (2004)
Michael Moore Hates America (2004)
Corpse Bride (2005)
Dreamer: Inspired by a True Story (2005)
Happy Endings (2005)
Jarhead (2005)
Little Manhattan (2005)
Black Snake Moan (2006)
Hoot (2006)
Letters from Iwo Jima (2006)
Happy Feet (2006)
Zodiac (2007)
No Country for Old Men (2007)
Reign Over Me (2007)
Youth Without Youth (2007)
Reno 911!: Miami (2007)
Balls of Fury (2007)
300 (2007)
Where The Wild Things Are (2008)

At least they're patching.