More MOAB fixes from Landon Fuller
It was a busy weekend for Landon Fuller and his crew of white-hat hackers working to plug the holes in Mac OS X and associated applications revealed by Month of Apple Bugs. His most recent two posts detail patches for Transmit and iChat, a mount warning for disk image downloads in Safari, and a patch for a zero-day vulnerability that's not even on the MOAB hit list: a heap overflow in the Java GIF image handling code, which has been fixed in Sun's releases of the Java virtual machine but not yet in Apple's release.
Landon also points to the BOM Shelter Python script, written by his buddy William Carrel; the script modifies permissions on several items to avoid the vulnerabilities of MOABs 5, 8 and 15.
The thanks and appreciation of the entire Mac-using community are due to these guys, who are volunteering their time and considerable expertise to keep us all a little bit safer.
I still want to know where these Earth shattering bugs are...we're at day 22, and I haven't seen much from the MOAB folks since Day 2 when they hit us with the VLC "apple bug".
I've found this "Month of Apple Bugs" to be, on the whole, very disappointing. Are these really the best they could come up with? VLC? Transmit? Java?! Not only are a sizable chunk of them... not actually Apple bugs, they're just whiny niggles that these so-called "security experts" spent far too long conjuring up. Hats off to Landon for fixing these "bugs" up in double-quick time :)
January 22 2007 at 12:44 PM
Every time I see one of these headlines I think "massive ordnance air blast" bomb not "month of apple bugs." Hmm.
January 22 2007 at 10:31 AM



3 Comments