Posted on 02/22/2005 8:02:19 PM PST by Swordmaker
APPLE SECURITY UPDATE:
Available for: Java 1.4.2 CVE-ID: CAN-2004-1029 Impact: Updates Java to address an issue where an untrusted applet could gain elevated privileges and potentially execute arbitrary code. Description: A vulnerability in the Java Plug-in may allow an untrusted applet to escalate privileges, through JavaScript calling into Java code, including reading and writing files with the privileges of the user running the applet. Releases prior to Java 1.4.2 on Mac OS X are not affected by this vulnerability. Further information is available in Document ID 57591 from Sun.
PING!
Run your Software Update and download and install this Security Patch for JAVA 1.4.2....
If you want on or off the Mac Ping list, Freepmail me.
And thanks for the help with the email/safari/firefox thing the other day. It's working perfectly, and ended a major annoyance.
Thanks...
Thank you! I don't know what I'd do without your ping list, 'cause that's the
only way I ever hear about these things...
You are appreciated!! ( :
Thanks!
Bush, can't you read? Apple released a JAVA security patch... because JAVA had a security problem. Mac's like every other OS that uses JAVA scripts had the exact same security problem...
Looks like the worm left a hole in the Apple.
I'm not affected.
The Apple platform needs a security patch? Gee, and all the time that I was told that Windows was the devil's invention and Apple was so wonderful.
Bwahahahahahahaahahaha! We're talking about an elevation of privilege exploit, dude, that can allow someone to take over your box. You guys seem to think that can't happen on a Mac, despite the fact that I keep telling you OVER and OVER and OVER and OVER again that your lame OS is just as vulnerable as all the rest...
Software engineering, like any other form of engineering, has its own form of physics which governs its limitations. Anybody who studies this sort of thing knows that defect rates are inversely proportional to the amount of time and effort that you spend developing the software. If you're willing to spend an infinite number of dollars, you will approach zero bugs (asymptotically, that is). NASA's software is much more reliable than anything produced by Apple or Microsoft or IBM because (a) the fact that human lives are involved demands strict proof of correctness, where each line of code must be proven to function, (b) NASA easily spends 10x (or more) than would be justifiable in a horizontal commercial software market, and (c) NASA isn't accountable to the taxpayers (aka shareholders) for its expenditures, so it can afford to accrue expenses which aren't reasonable for Apple, Microsoft, etc. People don't seem to realize this. They seem to think that there's some kind of "mythical process" that, if followed, results in defect-free software. Apple software has just as many defects as Microsoft or IBM. But, for many Mac fanboys, the love of boutique hardware trumps reality. Whatever. If they want to live in some kind of alternate reality -- where Mac software is so much better than anything produced by competitors -- let them live there. Just don't intrude on the reality shared by the vast majority of the planet by pushing their delusions on us.
Bush... it is NOT an elevation of privilege exploit... read the security advisory... it DOES allow a potential hacker to have the same level of access as the user... but not to increase to Root. It did not allow a hacker to install software... that still requires the user's password.
.. telling you OVER and OVER and OVER and OVER again that your lame OS is just as vulnerable as all the rest...
And we keep telling you that our REAL WORLD experience with our "lame" operating system does not comport with your claims. In fact, the real world proves that your final statement is false... again. No one is saying that OSX is not vulnerable... just NOT AS VULNERABLE as others.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.