Welcome | Sign In
TechNewsWorld.com
Software

Apple Issues Patch To Fix Security Hole in OS X

Print Version
E-Mail Article
Reprints
Apple Issues Patch To Fix Security Hole in OS X

By Jennifer LeClaire
MacNewsWorld
Part of the ECT News Network
01/26/05 10:41 AM PT

The news comes at an inopportune time. The browser wars are escalating -- largely because of concerns about security with Microsoft's Windows operating system and its Internet Explorer browser -- and Safari has been gaining momentum in the marketplace, according to market researcher WebSideStory.


Apple (Nasdaq: AAPL) has issued a new security patch to cover seven vulnerabilities in its Mac OS X operating system, including e-mail, ColorSync, and its Safari browser. Secunia Research reported the vulnerabilities, which are categorized as "highly critical."

According to Apple, when Safari's "Block Pop-Up Windows" feature is not enabled, a malicious pop-up window could appear as being from a trusted site. If the "Block Pop-Up Windows" feature is enabled, then this issues does not occur. The update corrects the issue regardless of the setting.

Browser Wars

The news comes at an inopportune time. The browser wars are escalating -- largely because of concerns about security with Microsoft's (Nasdaq: MSFT) Windows operating system and its Internet Explorer browser -- and Safari is actually gaining momentum in the marketplace, according to market researcher WebSideStory.

Between the beginning of December and mid-January, Microsoft's Internet Explorer market share dropped 1.5 percent while Safari gained nearly 1 percent.

Jupiter Research analyst Joe Wilcox told MacNewsWorld that technology users need to keep flaws in context. Two of Apple's largest competitors, Microsoft's Internet Explorer and Mozilla's Firefox, have also seen recent security warnings. Microsoft Windows operating system has also had its share of vulnerabilities.

"There are going to be security problems -- period," Wilcox said. "Regardless of the product, no developer has the resources to uncover every possible bug or flaw. You have to look at the number of flaws, whether or not they were exploited and how quickly the developer responds."

Apple's Response

Secunia has already issued three separate vulnerability advisories this year for Apple's OS X. Secunia reported 15 advisories related to the operating system last year. That compares to two advisories for Microsoft's Internet Explorer 6.0 browser alone -- not including for the entire Windows operating system -- this year and 34 last year.

Apple executives were not immediately available for comment.

The text displayed on the Web page that contains the downloadable patch stated: "For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available... Where possible, CVE (Common Vulnerabilities and Exposures) IDs are used to reference the vulnerabilities for further information."

The Security Update 2005-001 is for Mac OS X v10.2.8, Mac OS X Server v10.2.8, Mac OS X v10.3.7 and Mac OS X Server v10.3.7.

Print Version E-Mail Article Reprints More by Jennifer LeClaire

Talkback: Be the first to comment on this story.

More by Jennifer LeClaire

The Digital Car: Cool Automotive Accessories, Part 2
January 16, 2007
Not all the latest high-tech automotive electronics are built to entertain. Many give the driver more information and more control. Vehicle tracking devices can tell where the car is at any time, software installed in a smartphone can turn off a vehicle's security system whenever the owner approaches, and diagnostic tools can tell what's wrong with the engine -- and how much it'll be to fix it. 		'World of Warcraft' Wows 8 Million Subscribers
January 12, 2007
"World of Warcraft," the massively multiplayer online role-playing game, has reached the 8 million subscriber mark. Since debuting in North America in Nov. 2004, "World of Warcraft" has become the most popular MMORPG in the world. The franchise is available in seven different languages and is played on at least four continents. 		AT&T Bids Goodbye to Cingular Brand
January 12, 2007
Starting Monday, AT&T will launch a multimedia campaign to transition the Cingular Wireless brand name into its advertising and customer communications. The campaign will integrate popular imagery, phrases and icons from Cingular's traditional advertising, including the "raising the bar" tagline, the "Jack" character and the color orange.
Don't miss a story -- sign up for our FREE e-mail newsletters and view the latest headlines at a glance.
Tech News Flash [ View Sample ]
E-Commerce Minute [ View Sample ]
ECT News Network Weekly Newsletter [ View Sample ]
Shortcuts
> Get Business and Technology News Alerts
> Most Popular | Spotlight Features | Exclusives
> This Week on ECT News Network | Podcasts
> WiFi Hotspot Locator
> Inside TechNewsWorld
White Papers | Case Studies | Reports
eMarketer Whitepaper: Optimizing the E-Commerce Experience
Top 6 Tips to Quickly and Significantly Reduce Your Call Center Operations Cost
From Laid-Off to Entrepreneur: Launching a Web Biz on a Shoestring
The Year in Mac Security 2008
Entering European Markets: A Challenging but Real Opportunity
Peak Oil & Sustainability: CRM's Potential Impact and 10 Innovations CRM Vendors Should Consider
Rewriting the Startup Handbook
TechNewsWorld
E-Commerce Times
MacNewsWorld
CRM Buyer
LinuxInsider
Today's TechNewsWorld Sponsors
Avaya Aura™
Save up to 40% on calling costs with Avaya Aura™
Complimentary Webinar
How Much is 'Free' Costing You? DaveRamsey.com’s 567% ROI with Enterprise Analytics
Entrust Extended Validation SSL
Entrust EV SSL certificates -- "go green" for less. Now from only $199 per year.
Trend Micro Smart Protection Network(TM)
Lower your content security management costs by up to 40%.
ECT News Network Information
Reader Services
Corporate
ECT News Network
Terms of Service | Privacy Policy | How To Advertise
Copyright 1998-2009 ECT News Network, Inc. All Rights Reserved.