RSSTime for a 'Patch Tuesday' just for Apple?
by Scott M. Fulton, III
In an advisory published by Apple this afternoon, Mac users and admins are being advised of the availability of the seventh major security package this year, which will include some 20 patches for both the System and Mac applications.
The last major Apple security update came on September 15, and the one before was issued on the last day of July. So security updates are getting to be a monthly affair with Apple, just as they've been with Microsoft for quite some time.
One serious situation with the Mac System software itself which the 2008-007 security patch does address, involves what Apple describes as an independent discovery regarding maliciously crafted files and the Finder program. On a Mac, a file can be responsible for generating its own icon in Finder; the content of that icon is part of the file's "resource fork." Malicious code in the icon portion can cause Finder to shut down; and when it tries to restart, naturally, it tries rendering the same icon again. Which causes it to shut down again, which ends up making Finder look like something you saw in a Mac commercial once...on the left side of the TV screen.
While all this stopping and restarting is going on, Finder can lose track of the active user's own account. So this latest patch spawns a separate process for generating icons, which then links back to Finder.
Package 2008-007 also contains fixes for vulnerabilities in MySQL Server, Apache, PHP, and Tomcat.
9 Comments
Jeez, why would anyone want to hurt our beloved Apple OS X? These are sad times :(
Score: 0
Not to worry, with a Mac there is only so much damage you can do. The silly crap you see on a PC like turning hundreds of thousands of infected computers into spamming machines and completely taking over a Mac is something you will never witness.
Apple is all about security at it's core, that is why the Macintosh is built on UNIX. Security is already baked in. All Apple has to do is keep updating the Mac. No need for bloated and memory hogging antivirus.
Score: 0
This is exactly the reason security attacks are pointless on a Mac, Apple is always on top of security, producing the most rock solid and secure OS on the planet.
Score: 0
I'm bored of this style of trolling.
Score: 0
pookie put the pipe down
Score: 0
I think this is a bad attempt at sarcasm.
Score: 0
There goes those gas fumes in the basement messing with your head again lol.
Score: 0
LOL
Time for him to check the batteries in his carbon monoxide detectors. :)
Score: 0
I wonder if ClamAV for Mac is as useless as the other versions. No real-time shield = fail.
Score: 0