Filed under: Cool tools, Hacks, Security
More MOAB fixes from Landon Fuller
It was a busy weekend for Landon Fuller and his crew of white-hat hackers working to plug the holes in Mac OS X and associated applications revealed by Month of Apple Bugs. His most recent two posts detail patches for Transmit and iChat, a mount warning for disk image downloads in Safari, and a patch for a zero-day vulnerability that's not even on the MOAB hit list: a heap overflow in the Java GIF image handling code, which has been fixed in Sun's releases of the Java virtual machine but not yet in Apple's release.Landon also points to the BOM Shelter python script, written by his buddy William Carrel; the script modifies permissions on several items to avoid the vulnerabilities of MOABs 5, 8 and 15.
The thanks and appreciation of the entire Mac-using community are due to these guys, who are volunteering their time and considerable expertise to keep us all a little bit safer.
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 1)
Henry Mumford said 10:31AM on 1-22-2007
Every time I see one of these headlines I think "massive ordinance air blast" bomb not "month of apple bugs." Hmm.
Reply
buthidae said 10:07PM on 1-22-2007
I've found this "Month of Apple Bugs" to be, on the whole, very disappointing. Are these really the best they could come up with? VLC? Transmit? Java?! Not only are a sizable chunk of them of them... not actually Apple bugs, they're just whiny niggles that these so-called "security experts" spent far too long conjuring up. Hats off to Landon for fixing these "bugs" up in double-quick time :)
Reply
Michael said 1:14PM on 1-22-2007
I still want to know where these Earth shattering bugs are...we're at day 22, and I haven't seen much from the MOAB folks since Day 2 when they hit us with the VLC "apple bug".
Reply