Month of Apple Bugs, Meet Month of Patches
Less than 24 hours after the release of working exploits for two critical media player flawsQuickTime and VLCa former engineer in Apples BSD Technology Group has launched an effort to provide run-time fixes for each flaw released during the Month of Apple Bugs project.
Landon Fuller, one of the primary architects of the Darwin ports system, has announced plans to react to each MoAB bug with a daily, unofficial patch.
Fuller described the move as "part brain exercise, part public service" and promised that, with assistance, he will "attempt to patch the other vulnerabilities, one a day, until the month is out."
Apple has remained quiet throughout the MoAB project, which is the handiwork of LMH, a mysterious hacker in Europe, and Kevin Finisterre, a well-known security researcher with expertise in Mac OS X issues.
In a statement sent to eWEEK, Apple spokesperson Anuj Nayar said the company "takes security very seriously and has a great track record of addressing potential vulnerabilities before they can affect users."
"We always welcome feedback on how to improve security on the Mac," Nayar said. He did not elaborate on the actual MoAB project or the timeline for patches for Mac users.