Apple has rolled out software updates that patch just about everything but the kitchen sink. In all, there are fixes for at least 54 security bugs, many of which could allow attackers to remotely execute code on vulnerable Macs and Windows machines. A whopping 41 vulnerabilities reside in OS X 10.4, which is better known as …
Patches are already commonly installed
"Apple users are going to have to get used to the same things that Microsoft and Unix users have dealt with for a long time and that's that patches are a fact of life."
Isn't that what all the Ys in the 10.X.Y updates are about? Patches? Not only have mac users been installing these since 10.0, but what about the security updates? They've been a fact of life for a long time now.
Microsoft prefers the nomenclature "Patch" whereas Apple prefers "Software Update" Same same...
Don't "journalists" get fired for such BS?
This almost smells of an ethics violation. First, the updates were much much more than security updates and there weren't that many security updates in each of the updates. Next, the trojan requires the user to enter his admin password. Yeah, that's really a port trojan. *shakes head* Finally, no one can defend against stupid users.
Please, when you are going to try to bash Apple, tell the accurate truth.
Cue Webster Phreaky's insane cackle...
...in 4... 3... 2...
"As Apple grows its market share and becomes a more mainstream operating system, there's going to be a lot more interest in it from the whitehats and the blackhats," said Randy Abrams, director of technical education at anti-virus provider Eset. "Apple users are going to have to get used to the same things that Microsoft and Unix users have dealt with for a long time and that's that patches are a fact of life."
People have been saying this for years and suddenly some rube security expert says it and people pay attention. Damn'it, people are such tools.
We've been patching OS X since day one. I'm not sure what's suddenly changed here?
Jason: Microsoft calls their program Windows Update/Microsoft Update. Apple calls theirs Software Update...
You're being way to defensive here. All the article says is the currently new batch of patches, errm, software updtes, fixes more security holes than usual. There's no "Apple bashing", no lies (it says straight up in the article that you have to be gullible enough to download and install software some site claims you need to get the trojan...), and no implications that anything suddenly changed. When Windows has had unusually big "patch Tuesdays" there's an article; if some Linux distro patches like 50 bugs at once, there'd be an article about it. Really, it's a lot of bugs to fix all at once and that's all there is to it.
Can I just say thank you .....
.... to Apple for getting these patches out so quickly and without poncing around. I would be far more concerned if Apple didn't patch release so quickly.
And as someone has already said above - we've been patching OS X for ages, so this is hardly a big event, or an event at all other than to say its happened.
No need for flame retardent clothing on this article. Nothing to see here, move along.
Couldn't agree more.
"Has Steve had a poo yet? I'm starving!"
I agree. No-one's bashing Apple here - have you all automatically gone on the defensive? We only bash Apple when they deserve it - today they just released a massive patch, and as El Reg often does, it's commented on that patch to make people aware of it. Just like it does about once a month with Microsoft.
Comments are bad.
I don't think I could write for something that included people adding their comments to it. So many people are so thick/full of hate/full of blind devotion/stupid/pigheaded that everything that gets posted gets someone saying something really angry.
@Solomon Grundy: What did you expect the fricking 'security expert' to say when asked to comment on this topic? "Well people have been talking about this for years so am not going to answer your question and be stick my finger up at you instead."
'getting these patches out so quickly and without poncing around'
These are patches for 10.4 aka Tiger. How long has that been around now? These should have been taken care of before now don't you think? Especially the flash one which has had a fix available since July.
And fair's fair, you lot always bash MS if they take longer than they should with a patch to fix a vulnerability.
It's rare that I see a balanced article on apple from the reg, so big thumb up for this one! I'd add a thumb up graphic, but I've adblocked all the little pictures so I don't have to endure the Face of Horror (yes, Paris Hilton).
@everyone... I love you all sooo very much!
Can't we all just get along?? Let's not Reg bash, the article was obviously not apple bashing, but just reporting on the facts. I would love to see all you 'haters' do better!
@Anonymous Coward - 'Don't "journalists" get fired for such BS?', Man, get over yourself! Let's see you do better!
Reg, we love you, don't ever change!
re: Don't "journalists" get fired for such BS?
>> Next, the trojan requires the user to enter his admin password. Yeah, that's really a port trojan. *shakes head*
err isn't that *exactly* what a trojan is? a piece of software that convinces you to run it (usually with admin privs) and then does something other than what it claims (usually bad)?
How was the article in any way 'bs' or unethical?
This seems to be a typical fanboi post: When Windows has a problem it's because Microsoft is crap ... when OSX has the same problem its because the user is stupid (hang on maybe that last bit's not so inaccurate...)
The reason for these patches..
The reason for these patches is simple, Apple's OS uses open source components, command line tools and daemons much like Linux and commercial Unix does.
Flaws in these get identified from time to time and Apple adds these fixes to their patches.
These flaws weren't necessarily identified on OSX and proven to have been a problem.
".....the same things that Microsoft and Unix users have dealt with......"
Cue flaming Linux fanbois!
(Even the most rabid MS fanboi is going to do no more than shake their head, sigh heavily and mutter "I know, I know" at this.)
"Cue flaming Linux fanbois!"
The Linux 'fanbois' are too mature to be bothered, because they are saying "I know, I know" too. They know that patches are necessary to fix vulnerabilities (vulnerabilities caused by the fact that to err is to be human, and therefore to be human is to err, and all sufficiently complex software will have issues). It's pathetic for the Windows users to be flaming Mac users when they obviously have no clue about computers themselves. I know plenty about computers yet I still enjoy using Mac OS from time to time, in the knowledge that it is a lot less likely to be compromised than Windows is.
Sophisticated Port Trojan?
Define sophisticated :-/
Yep, some people at Reg do hold the opinion that a lure at a porn sight is a sign of sophistication. WOW. The beaty of IT all suddenly revealed itself. NOT.
>>These are patches for 10.4 aka Tiger. How long has that been around now? These should have been taken care of before now don't you think?
Um, the article is about patches in 10.4.11 and 10.5.1. How long 10.4 has been out is nothing to do with the patches - the next time MS releases a patch for XP are you going to complain that it should have been fixed in 2001?
The patches also contain some major upgrades - in 10.4.11 Safari 3 came out of beta, and it's heading for becoming the best browser available anywhere.