In comparison, the proprietary Apple software recently had a major security flaw, known as the “GOTO Fail” bug which was around for as long as Heart Bleed (according to Apple). But we know very little about it. We have no history, do not know who made the mistake and whether it was intentional and we have no idea what the company has done to fix it. We don’t really know if we’re now safe from that security flaw. We simply have to trust Apple to be honest about all that because it will never let us see its logs.
Microsoft blames Apple for compromise, customers blame Microsoft.
“During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations,” the company said on its Security Response Center website Friday.
The patch fixed a very long list of vulnerabilities — 163 issues in all — to WebKit, an open source technology for rendering HTML used by iTunes and many other applications, including Safari, Googles Chrome, and Yahoo Messenger. Using WebKit as the basic framework for its technologies means that Apple gets many of the benefits of open source, including a well-vetted codebase and the fast reporting of vulnerabilities. In this case, for example, Google found nearly half of the 163 vulnerabilities, while Apple found 26.
It is important to check that the recovery partition exists before performing the upgrade from Lion to Mountain Lion. In testing the Gold Master (GM) release, I found that the installation will start and progress as expected until the system reboots into the installation boot. At that point, it will fail and you will be caught in a perpetual loop if your recovery partition is non-existant. Always make sure you have a recent backup before performing the upgrade or any of these steps. Read the rest of this entry »
Adobe today shipped a new version of its ever-present Flash Player software with fixes for at least seven dangerous security holes and the addition of support for the Gatekeeper technology that coming in Mac OS X Mountain Lion.
The security update, available for Windows, Mac OS X and Linux operating systems, address vulnerabilities that “could cause a crash and potentially allow an attacker to take control of the affected system.”
Apple on Wednesday released OS X 10.7.4, the latest update to the companys Lion operating system which brings various improvements including a fix for a recently-exposed FileVault bug.
The update, which is recommended for all OS X Lion users, patches a security bug found in certain configurations of the previous 10.7.3 version that allowed for inadvertent access to user passwords.
Many security professionals tend to use OS X systems. Maybe for the nice and shiny looks, or the Unix under pinnings that make it a great platform to run current tools. However, the operating system itself isn’t exactly “secure out of the box” and like all operating systems can profit from some additional hardening tricks.
With the release of OS X Mountain Lion, Apples inclusion of the X11 windowing system in its OS will also be halted. As with Java, instead of releasing an in-house version of the X11 system, Apple will be relying on the separate XQuartz development team to keep a stable version of the X11 windowing system available for OS X. When you open a program that requires X11, the Mac will give you a notification and a link to the XQuartz project Web site so you can download the latest version of X11 for your system.
Apple OSX ‘Gatekeeper’ vulnerable to malware? | GMA News Online | The Go-To Site for Filipinos Everywhere
Gatekeeper, the security feature in Apple Inc.’s upcoming OS X Mountain Lion operating system, may be letting malware sneak in through the backdoor, a computer security firm said.