back to article Apple patches more than a dozen holes in OS X

Apple has released an update that patches more than a dozen OS X vulnerabilities, several of which can lead to the remote execution of malicious code. The most serious vulnerability resides in an OS X feature called mDNSResponder, which enables computers to locate and connect to devices such as printers and webcams on a local …

COMMENTS

This topic is closed for new posts.
  1. Sceptical Bastard

    Her we go again...

    These 'Mac vuln found' stories always seem to provoke schadenfreud and gloating from Windows lusers followed by prickly defensiveness from Mac fanboys and insufferable smugness from us 'nixers.

    The fact is that the security of any system (and the information it holds) depends more on the often-illogical neurons in front of the keyboard than on the hardware and software behind it.

  2. Graham Dawson

    re: Her we go again...

    Well, system design helps too. Apple has been criticised in the past for making some of the same mistakes Microsoft made, pushing what should be userspace features deeper in to the OS for better 'integration' and the like. They don't go half way as far as microsoft did but the presence of certain automated features in OSX does create a bit of a compromise, and a compromise is always where a cracker can find his way in.

  3. Anonymous Coward
    Anonymous Coward

    Well!

    I'm just glad Apple seem to be keeping on top of things rather than what Steve Jobs could be doing which is sitting there thinking "we're the shit"...

  4. Anonymous Coward
    Anonymous Coward

    Before any windoze lusers comment... read this...

    before you go spouting off your egotistical/stockhomn syndrome comments about windows being better off and what not... just remember.

    You have over 600,000+ <give or take a thousand> vunerableties to date.

    Time before you get infected fresh out of the box: 30 seconds

    And the number of security exploits? Can't confirm that... because microsoft is still patching the patch that was patched to be patched yet again in the near futrue.

    Give us a break.... at least Apple consistnatly delivers patches when and if there's a problem..and not have a shcedule of "panic tuesdays" or whatever the day of the week they happen to label.

    sorry to burst your bubble... but this is reallity.... lets stick to it.

  5. Tony

    get off your high horse

    this just proving to me that those who drink the Apple kool-aid aren't as great off as they seem to think. At least with windows or any *nix variant, if new vulnerabilities are discovered, the vendor tends to inform their customers of the vulnerabilities found and ways around them until a patch can be administered instead of dispensing a patch out of the blue and not letting your customer base know of the vulnerability until after the fact.

  6. Ord

    Apple sure takes their time..

    I must say it's a touch disconcerting to be an OS/X user and hear about these vulnerabilities so many months after the fact.

    Often I wish they'd take the open-source approach of confessing all vulnerabilities as they arise - and allowing the more savvy users to publically announce them - and even do something about them.

    OS/X is a great OS but it could take a leaf or two from Linux in this regard especially.

  7. Player_16

    They could be like Microsoft...

    ..and anounce the problem right away without confirming it and do nothing about it for months. It would give those script-kiddies time to try it out for themselves to see if it really works. At lease you have an option to let your machine check for you on a timed bases or check when you feel like it and then down load the patch yourself when YOU want. Windows just patch it without you knowing it or the word goes out about a vulnerability and later something is done it but by that time it's too late.

  8. Anonymous Coward
    Anonymous Coward

    Title

    5 years of Win XP no spyware no viruses, biggest know nothing pain in the arse- bas*tards-MAC users.

    Recipe for Potatoe, leak and elitist minority soup, peel and slice 6 potatoes, 6 leeks and 1 mac user(-:

  9. Register Reader

    Wow..

    Pre emptive windows bashing.. someone saying that you can't choose when to download Windows updates.. are people really this ignorant and pathetic? Yep..!! :P I love Mac and Linux more than Windows but this whole debate is pointless. It's good that the patches are out there. As a Macbook Pro owner I'm happy with the way Apple did things, and I will feel more secure while using OS X than using Windows any day..

  10. bigfoot780

    well...

    No OS is 100% secure. Updates will always happen. It takes guts to say ok we have a problems lets sort it rather than burying your head in the sand (m$). Whats this memory leak with windows anyway?

  11. Anonymous Coward
    Anonymous Coward

    People who can't spell should shut up...

    Can anyone please answer why someone always has to crawl into the deep black hole of the lowest common denominator? I.e "windoze lusers" that's an insult so old it's almost a cliché. Well I think it properly comes under the category of aggressive and hateful speech. It certainly isn't educated. I counted at least 4 spelling mistakes and a level of English vocabulary that would embarrass a 12 year old. I have no idea where "stockhomn" is, I don't think a PC has ever had "vunerableties," Apple have never "consistnatly" delivered anything and nothing ever runs to "shcedule."

    I have no idea where this hateful resentment comes from. This misdirected anger and spite is absolutely futile only serves to remind you how powerless you are in this world and how little influence you have over other people. I think there are much better things to be angry about and if all you really do care about are these pseudo-religious wars over operating systems then have absolutely lost your way.

  12. Mat

    I visit one site and one site only ...

    Dave,

    using XP with no firewall/anti-virus software for five years must mean some seriously limited browsing on your part if you claim no infections in that time?

    And how on earth is choosing to buy one computer rather than another, "elitist"?

  13. Anonymous Coward
    Anonymous Coward

    No viruses here either...

    I have to admit that I can only corroborate what Dave said as well; I have never had a virus on a Windows XP machine. Professionally and personally I must have used about a dozen systems since 2002. Dave doesn't say that he doesn't use a virus scanner/firewall, he just says he's never had a virus. I've never had one one on any NT based workstation in about ten years. The last time I had a NT based server with a virus was an inherited NT server in 1998 that had the Chernobyl virus due to out of date virus definitions. Our 100 server Citrix farm, all Windows, has never had a single infection and they're used mostly by students who have scant regard for security. Security really is a matter for the administrator, if your conscientious about what your doing most infections simply will never happen. In my experience nearly all of the infections I've seen were caused by either out of date or failed anti-virus software.

  14. Anonymous Coward
    Anonymous Coward

    Cause of Infections

    "In my experience nearly all of the infections I've seen were caused by either out of date or failed anti-virus software."

    Interesting. In MY exerience, ALL of the infections I've seen were caused by a POS insecure operating system.

  15. Anonymous Coward
    Anonymous Coward

    XP Safe

    There are a great many windows xp users who have never had a problem with the security of their system. They may have had a problem with their wallet, as they have no choice but if they wish to go online, purchasing an annual antivirus software subscription to protect their machine from the profiloration of malware out there. As a linux and windows user I've always protected my windows machine with an antivirus subscription and never use additional cost protection on my linux machine. After six years online with linux, no problems yet!!!

  16. Anonymous Coward
    Anonymous Coward

    Users should take some responsibility for their machines.

    I have been using windows on all my machines as far back as windows 3.1, all the way up-to-date with Vista, I never have Anti-Virus software installed and I have never had a virus on any of them. I have a firewall at the edge of my network (in my NAT/Router), and all my machines have email accounts/browsers.

    I'm not saying windows is any more/less secure than anything else, but I know I am. I'm not stupid enough to open attachments from unknown sources, and visit web-sites I don't know/trust.

    It's like anything else in this nanny state/world we live in at the moment, it's always someone elses fault. 'It's McDonalds fault I'm fat', 'It's the tobacco companies fault that I smoke' and 'it's microsofts fault that I opened an attachment called 'nakedgirls.exe' sent to my by someone I've never heard off, and now I have a virus'.

    Take responsibility for your own actions.

  17. Anonymous Coward
    Anonymous Coward

    RE: XP Safe

    I dont pay for anti-virus software for windows. I dabbled a bit with some free virus tools out there (AVG comes to mind), but never really bothered.

    I read the Register, some other news sites, visit MSDN, compile my code and test it.

    No viruses or trojans... I also live behind a physical firewall ($50 NAT firewall).

    However, I know people that love not paying for shoddy software and wonder why they get infected.

    I also know even more people that pirate windows because they are so cool and wonder why their internet activity lights blink so much.

    And finally, I know why linux users dont get viruses much: you ain't getting a windows virus to infect your linux system while browsing a windows "warez" site.

    If you want to bring it to town, I'll get into ANY system within 12 hours; Newest linux kernel, mac os or non-intel (dep) based Windows system. (novell/qnx are possibilities). This is my job, and if you can access the outside world, chances are I can access you.

  18. Anonymous Coward
    Anonymous Coward

    RE:RE: XP Safe

    Can you hack a Gibson?

  19. Mat

    re No viruses here either...

    That was essentially my point, though perhaps being too oblique about it: the previous poster never mentioned having anti-virus software because it is a given, any Microsoft OS system must be boarded up and guarded before browsing whereas a Linux or Mac OS is not anywhere near as vulnerable and users in general can browse without having to take extra measures to protect their system at all.

    That is the key difference between the various systems, whether or not someone with perverse determination wishes to spend 12 hours or so breaking into an OS, the Mac and Linus systems have a base level of security (essentially sufficient for typical usage) out of the box which all Microsoft systems, so far, have failed to deliver.

  20. Ryan Stewart

    RE: Cause of infections

    "Interesting. In MY exerience, ALL of the infections I've seen were caused by a POS insecure operating system."

    So are you alluding to OSX being a POS operating system since your comment is within a post about OSX having to be patched 5 times in 5 months?

    Again, its security by obscurity and its going away now that OSX is running on more and more machines. It will snowball as more vulnerabilities will be found.

    In hundreds of megs of code there are going to be exploits regardless of the OS. The advanage upcoming OSX hackers have is that most of their users are unaware and unprotected. Since everyone likes to assume its more secure once you get a useful exploit it will likely go untreated.

  21. Jonathan Tate

    Simple rules

    Life has a few simple rules you have to follow if you don't want to be taken advantage of. You know the ones: don't drink from opened bottles, don't pull out your wallet while talking to someone you don't know on the street, etc.

    Like life, there are a few simple rules to having a secure Windows box:

    1) Don't run Internet Explorer.

    2) Don't run Outlook.

    3) Always keep Windows up to date.

    4) Don't run stuff you don't trust.

    I'm sure you *NIX savvy folks could come up with a list of dos and don'ts, too.

    But as for MacOS, can you name anything that a common user (barely able to send an email) could have done to negate the threats described in this article? Security through obscurity only works as long as MacOS itself is obscure. Just be glad that these holes were found by someone with morals.

    Honestly, if you think Windows users are ignorant and susceptible, just you see what will happen to Grandma when that "Apple computer credit card confirmation request" window pops up while she's watching a short video of her grandkids on her brand new "friendly and secure" iMac. At least with a "notoriously insecure" PC she might have called up a more knowledgable family member before completely filling out the form...

This topic is closed for new posts.

Other stories you might like