Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[TheBoy]

Never seen so many vulnerabilities for a single OS in one week before.  I know many Mac users consider themselves immune from virus/malware/vulnerabilities, hence this post (I know from the web logs we have a few OSX with Safari members)

[Jay w]

  i have seen a lot of info these last few weeks so have been getting everything up to scratch

[MaxV6]

Never seen so many vulnerabilities for a single OS in one week before.  I know many Mac users consider themselves immune from virus/malware/vulnerabilities, hence this post (I know from the web logs we have a few OSX with Safari members)

you mean the raw image file issue....   that's one vulnerability, that's already dealt with and released as part of the automated software update system...  this week...

so that's one then....  

presumably you've only ever seen fractions of issues identified and fixed in a week previously??   (  i know...    read on....  )

whereas LAST week, a large security patch was released , covering multiple issues, on 2 different OS's but released as a single update..


and yup, it sure was a doozy !  the LONGEST list of patch fixes I've EVER seen on Mac OS...  

looking in to some of them reveals many of  them to be related to a specific coding issue relating to buffer over runs, and handling of excess conditions.

But from the date of first notification (in some cases by a couple of FreeBSD guys who found the flaw in the original open source code. ) a very quick fix by apple.,....  

somewhat better in this respect than another OS developer we could mention .

 

[TheBoy]

Never seen so many vulnerabilities for a single OS in one week before.  I know many Mac users consider themselves immune from virus/malware/vulnerabilities, hence this post (I know from the web logs we have a few OSX with Safari members)

you mean the raw image file issue....   that's one vulnerability, that's already dealt with and released as part of the automated software update system...  this week...

so that's one then....  

presumably you've only ever seen fractions of issues identified and fixed in a week previously??   (  i know...    read on....  )

whereas LAST week, a large security patch was released , covering multiple issues, on 2 different OS's but released as a single update..


and yup, it sure was a doozy !  the LONGEST list of patch fixes I've EVER seen on Mac OS...  

looking in to some of them reveals many of  them to be related to a specific coding issue relating to buffer over runs, and handling of excess conditions.

But from the date of first notification (in some cases by a couple of FreeBSD guys who found the flaw in the original open source code. ) a very quick fix by apple.,....  

somewhat better in this respect than another OS developer we could mention .

 

Having only a passing interest in OSX, didn't look into the details, but the CERT list for this week was a bit crazy for it.

My warning was more for those who naively believe the 'computer shopper' type hype and assume that OSX (and Linux, and Firefox) is somehow immune from all defects, and don't need to do anything


Most OS vendors are now quick to respond - they need to be.

[zippo]

its all Greek to me,

[TheBoy]

its all Greek to me,

Just ensure that Windows Update does its job daily, and your AV runs daily

[Taxi_Driver]

its all Greek to me,

Just ensure that Windows Update does its job daily, and your AV runs daily

Hmmmm.....Just checked mine.....the default was set to download updates every Friday at 8pm....which at 1st glance seemed ok......coz Symantec 'used' to only release updates once a week on a Thursday and checking the logs it downloaded an update to the definition file last Friday.......but I hit update.......and it downloaded another update.....so it seems Symantec have changed this.......also looking thro the logs apart from last Friday, it was a month previous it downloaded a definition file update, so i guess my lappy wasnt turned on at 8pm Friday those days......which is highly likely.......so Ive changed the settings to check for updates everyday, still at 8pm but randomnise 300mins either side of 8pm and also handle missed events within 24 hours (was set to 3 hours).......hopefully that will make it check for updates daily  

[TheBoy]

its all Greek to me,

Just ensure that Windows Update does its job daily, and your AV runs daily

Hmmmm.....Just checked mine.....the default was set to download updates every Friday at 8pm....which at 1st glance seemed ok......coz Symantec 'used' to only release updates once a week on a Thursday and checking the logs it downloaded an update to the definition file last Friday.......but I hit update.......and it downloaded another update.....so it seems Symantec have changed this.......also looking thro the logs apart from last Friday, it was a month previous it downloaded a definition file update, so i guess my lappy wasnt turned on at 8pm Friday those days......which is highly likely.......so Ive changed the settings to check for updates everyday, still at 8pm but randomnise 300mins either side of 8pm and also handle missed events within 24 hours (was set to 3 hours).......hopefully that will make it check for updates daily  

They all do at least daily updates now

I use Mcafee, as it has the 'run missed task' option.  And Norton sucks