Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

(Apple) Security Update fixes Finder, iChat, more
MacNN ^ | 02/15/2007

Posted on 02/15/2007 4:42:57 PM PST by JohnSheppard

Apple today released Security Update 2007-002 to fix several vulnerabilities affecting the Mac OS X Finder, iChat, and the UserNotificationCenter process. One vulnerability could cause an application to crash or result in arbitrary code execution, resuming the user is enticed into opening a specially-crafted disk image resulting in a buffer overflow in Finder's handling of volume names. Two iChat-related security concerns are fixed in the update, preventing attackers on the local network from causing iChat to crash and foiling potential attempts by malicious websites to cause applications to crash or execute arbitrary code. The UserNotificationCenter process runs with elevated privileges in the context of local users, potentially allowing a malicious local user to overwrite or modify system files prior to the update. The update is available for download from Apple's website, as well as via the "Software Update" feature in Mac OS X located under the Apple menu.

(Excerpt) Read more at macnn.com ...


TOPICS: Computers/Internet
KEYWORDS: apple; osx; securityupdate
Navigation: use the links below to view more comments.
first previous 1-2021-22 last
To: zeugma

You don't have a television?


21 posted on 02/16/2007 5:36:14 AM PST by TommyDale (What will Rudy do in the War on Terror? Implement gun control on insurgents and Al Qaeda?)
[ Post Reply | Private Reply | To 17 | View Replies]

To: TommyDale
 

Your original post repeated the same old canard that shows up on every Mac thread... 

But we've all been told that Apple has no need for fixes.

To  which I responded:

Please do us all a favor and find that post.

You responded lamely

You don't have a television?

My point was, that the only time to see a claim that Apple doesn't have a need for fixes is when som Microsoft loyalist makes a sarcastic remark like the one you made above.

All software has bugs, especially projects as huge as a modern operating system. The difference between those produced by Microsoft and Apple is the consequences of exploitation, and the fact that the security model behind unix systems is much more resistant to attacks against it being successful.

If you can demonstrate a virus, worm, or trojan out there in the wild that has managed to attack more than just a couple of Mac users at a time I think we'd all be interested in seeing it.

The lack of same is ample demonstration that the security model on Mac/Unix/Linux/BSD is a superior model to that used on the MS-Windows line, which apparently seems to have kept to its winning ways with Vista. Apparently Gates and co. don't see any reason not to run every single installer program that is run on the system as the Administrator user by default.  Apparently, a safe way of installing a program in user space is beyond the imagination of the boys in Redmond.

22 posted on 02/16/2007 6:41:08 AM PST by zeugma (MS Vista has detected your mouse has moved, Cancel or Allow?)
[ Post Reply | Private Reply | To 21 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-22 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson