back to article Apple: Those security holes we fixed last week? You're going to need to repatch

Apple has released a follow-up to last week's security update after finding a pair of flaws that are still vulnerable on patched systems. The Cupertino giant said that the 2015-003 update would address two flaws; a man-in-the-middle vulnerability and type confusion error in OS X Yosemite (10.10.2). Both of the flaws, CVE-2015 …

  1. Anonymous Coward
    Anonymous Coward

    what about other patches?

    okay - so they are squishing (after a few attempts) some security issues. when are they going to fix other issues such as Wifi on yosemite, the bluetooth issues and applications such as mac mail (which inexplicably ask for the autodiscover.xml many many times when using it with exchange servers) ?

    I expect they are degrading OSX so they can slip us the Mac version of IOS and we're supposed to all shout 'revolutionary!' :/

    1. Dana W

      Re: what about other patches?

      IOS for Mac is NOT coming. It just isn't. That has been the scream of trolls since the first iPhone. Mac sales would drop to nothing. It would be idiotic.

      Microsoft are the people who can't seem to tell a desktop from a tablet, not Apple.

      1. chivo243 Silver badge
        Joke

        Re: what about other patches?

        "IOS for Mac is NOT coming." I keep hearing this, but if you've looked closely at the UI of Yosemite, they are beginning to look very similar. Does it mean anything? Let's revisit this in 5 to 10 years

        Maybe Apple could care less about computers these days, I see they make a cheap ass watch, and are talking about cars now too. What's next and airline called MacAir? Better watch out Virgin/Branson...

        1. Dana W

          Re: what about other patches?

          I use both and they really are NOT looking similar. Are you sure you are not thinking of Apple's abandoned child, Launchpad? I don't know anybody who uses that silly thing. And cheapass watch? One thing you can be certain of is it will have superb build quality, and no I'm not getting one. Have you seen some of the terrible cheap Android watches? Or are they only cheap when Its Apple?

  2. Anonymous Coward
    Anonymous Coward

    Damned if you do

    If they take time to put out patches until they're sure they take care of all possible iterations of a flaw, "Apple is too slow putting out patches". If they get them out quickly but something slips through the cracks, "Apple is making users patch twice".

    I'd rather have them quickly and risk needing a second round of patching, as at least it reduces the attack surface in the first go-round.. Those who don't want to be bothered patching twice could always wait a few weeks before installing them...

    1. Adam 1

      Re: Damned if you do

      I'd crack some joke about Apple taking some lessons from Microsoft updates of recent, but security is a hard problem. The defender needs to succeed in every occasion. The attacker needs only to succeed once.

      1. Pascal Monett Silver badge

        Yeah, security is hard - not going to say the contrary on that.

        But buffer overflows ? Really ?

        Sheesh.

      2. silent_count

        Re: Damned if you do

        I agree with you in principle, Adam 1, but it's hard to be sympathetic. The defender is God - it creates the universe the attacker operates in. If the attacker wins, the only possible cause is a failure on the part of the defender.

  3. Anonymous Coward
    Anonymous Coward

    Say what you want ..

    .. but those last patches were the fastest ever released by Apple.

    Anyway, installed an all is well.

  4. kain preacher

    So if apple does not get it fixed in 90 days is google going to spill the beans on the exploit ?

    1. Anonymous Coward
      Anonymous Coward

      "So if apple does not get it fixed in 90 days is google going to spill the beans on the exploit ?"

      By the time you wrote your post the patches with details were already public, and products patched too. Open source security people laugh at the idea of 90 day deadlines.

      (... you forgot thy joke icon)

  5. PhoenixRevealed

    But, but, but... all Apple products just work, and Macs are more secure than Windows boxes.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like