An apple patch that you might want to take
Apple has recently released a patch, 2007-007 update for MacOS X, 10.3 and 10.4. This is a mega patch, fixing over 45 defects, out of which 17 are serious security issues where hackers could compromise systems and are classified as equivalent to 'critical'. Since Apple also uses a number of open-source projects, approx 75% of the patches were in the open-source software that Apple blends in with its own code.
These open-source bug fixed include fixes in the following apps: Kerberos, PHP, Samba, SquirrelMail and Tomcat. Components of MacOS X patched as part of this release were CFNetwork, the Mac OS X library of network protocols; CoreAudio, the API (application programming interface) that handles sound on Macs; the zgrep file compression utility; iChat; and WebCore, the part of the WebKit application framework that handles HTML rendering. Fixes also included fixes in Safari (including a fix for a problem on Safari on iPhone)
One normally hears primarily of Microsoft releasing patches at regular intervals to fix security holes and other bugs, so it would be interesting to evaluate whether this gets an negative publicity for Apple. Microsoft would like to advertise this as claiming that OS X has also a number of flaws, and equally, open source technology has a number of security holes for which there are no clear owners, and the total cost of ownership of open source systems is high, as per the Microsoft argument.
No comments:
Post a Comment