Latest in Bugs

Image credit:

More MOAB fixes from Landon Fuller


It was a busy weekend for Landon Fuller and his crew of white-hat hackers working to plug the holes in Mac OS X and associated applications revealed by Month of Apple Bugs. His most recent two posts detail patches for Transmit and iChat, a mount warning for disk image downloads in Safari, and a patch for a zero-day vulnerability that's not even on the MOAB hit list: a heap overflow in the Java GIF image handling code, which has been fixed in Sun's releases of the Java virtual machine but not yet in Apple's release.

Landon also points to the BOM Shelter python script, written by his buddy William Carrel; the script modifies permissions on several items to avoid the vulnerabilities of MOABs 5, 8 and 15.

The thanks and appreciation of the entire Mac-using community are due to these guys, who are volunteering their time and considerable expertise to keep us all a little bit safer.

From around the web

ear iconeye icontext filevr