Feeds

back to article Apple fixes critical Mac holes triggered by image files

Apple on Wednesday patched 18 holes in its Mac OS X operating system, seven that could allow an attacker to remotely take over a machine when a user does nothing more than view a booby-trapped image. The ImageIO Framework, which helps Mac applications read and write popular image formats, was responsible for five of the image …

COMMENTS

This topic is closed for new posts.
Paris Hilton

Code execution in the login screen??

Mahvelous. IIRC, many moons ago MSGINA had a similar issue (too lazy to research tonight.) Lessons never learned?

Paris, too lazy to bother with her MSGINA problem.

0
0
FAIL

I prefer MS Security Holes

After reading the recent spate of security flaws in Apple products, I'm thinking that I prefer the security holes in Windows - they're a bit tougher at least.

0
0
Anonymous Coward

There are also a standalone Security Update 2009-003 patches

for all Leopard flavours and Tiger: they can be found in Software Update

0
0
WTF?

Wednesday?

Funny that software update hasn't offered me the patches yet, despite bugging me continuously to update Safari (which I never use) and reboot the damned machine.

q: WTF should I have to reboot the entire machine just to install a web browser patch?? Is there more to the Safari-MacOS relationship than meets the eye? (like IE vs Windows) or is it just Apple being a bunch of tossers?

0
0
Anonymous Coward

Vulnerability

Oh dear.

I wondered why ColorSync had opened up the other day without me doing it.

:-o

0
0
Anonymous Coward

Hang on a minute

Releasing patches to fixes security holes. I'm confused, I thought is was about Apple but the methodology and security holes make it sound like Microsoft.

Can you confirm which company this article is about ?

0
0
FAIL

Long term issues?

Seem to remember ColorSync has been the subject of several serious exploits in OSX going back to at least 10.3... and poor TIFF handling was the exploit used to crack the iPhone/iTouch. You might have thought Apple would have licked this bug by now.

0
0
Law
Welcome

RE: Wednesday

"Is there more to the Safari-MacOS relationship than meets the eye? (like IE vs Windows) or is it just Apple being a bunch of tossers?"

Who know's what goes on behind closed doors (and code)... It's probably both... but I'm assuming the reboot is to update Safari for all users on the machine, not just the current user - but I've got nothing to back this up as I know more about Windows than I do about OSX.

I remember always being annoyed when fanboys would laugh at windows users for reboots and dodgy updates, and yet at the same time I'm being forced to reboot for an update to itunes, quicktime and safari... these days I'm more mellow, but it still grates on me... but I guess if it needs to be done, it needs to be done...

Funny how VLC doesn't need to reboot my OSX install though, but then again Apple might use quicktime to load the "preview" icon for avi's etc, so I can see it needing to restart to update that bit of the OS at least.

0
0
Coat

OS Security

I'm always being told that Macs are bulletproof and have no security issues. At all. Ever.

Was I lied to?

0
0

@Lockwood

Any Mac user with half a brain would never make such a claim. You sure you're not confusing the common "no viruses for OS X in the wild" statement with security issues?

0
0
Happy

Anyone notice that ...

Desktp icon denoting iDisk has changed from purple/lilac to blue?

0
0
Anonymous Coward

schadenfreude

Wintards - come back when Microsoft stop releasing critical patches *every month* for an OS that they claim is the most secure and advanced on the market. If you think that "patch Tuesday" will cease after the release of Windows 7 then you are living in cloud cuckoo land! See http://www.theregister.co.uk/2009/08/05/windows_7_show_stopper_bug/

0
0
Silver badge
Flame

Standard flame post

My computer is better than yours. You should try running *insert operating system name* instead.

0
0
Anonymous Coward

@Lockwood

OS X is full of holes, but none are ever exploited.

So in that respect, no, you weren't being lied to.

0
0
FAIL

Interesting

...how few comments there are on this article. I can't help but wonder how many there would have been had the subject been a Microsoft OS.

Anyway, the Reg must have made an error, according to the ads, Mac's don't have vulnerabilities.

0
0

Please

Anyone who ever claimed that Macs have no vulnerabilities is an idiot speaking utter b@lls, to such a level that he/she probably works as an administrator for government schools. Any computer hooked up to a network has a risk of vulnerabitlites ... yes, kiddies, even Linux and BSD. Now, it's the *rate* and *severity* and *duration* of those vulnerabilities you need to watch out for.

0
0
Grenade

@Lockwood

If you're daft enough to believe that - about anything - then you deserve to be lied to!

It's better than Windows, as that's as much as anyone can say. But it ain't perfect.

0
0
WTF?

18 Holes ??!!!

The most advanced OS ??!!! Just proves that MacOS was written by humans & possibly

the same quality as M$.

More users Apple gets, more things come out of the woodwork...

0
0
Linux

Just a matter of time

Quite. The more popular they get, the close Apple will need to look at their security. This does of course reveal the mythology behind the ads; it's pretty obvious it's because the userbase isn't yet as common as the MS products.

0
0
h 6
Thumb Up

@ Wednesday AC:

Safari uses WebKit, which is in the OS. Webkit is also used my other apps too. So to update Safari, you update Webkit, which is in the OS, whish is why a reboot.

0
0

Here we go again...

I'm not a fanboi of any OS since I use more than one...

But as soon as Mac [or Linux] has the same install-base as Windows, AND it maintains the same low exploit/attack rate that it currently enjoys right now, then I'll agree that it is a "more secure" OS.

0
0
This topic is closed for new posts.