Its officially a cat-and-mouse race to exploit—and fix—security vulnerabilities affecting Apple Computers Mac operating system.
Less than 24 hours after the release of working exploits for two critical media player flaws—QuickTime and VLC—a former engineer in Apples BSD Technology Group has launched an effort to provide run-time fixes for each flaw released during the Month of Apple Bugs project.
Landon Fuller, one of the primary architects of the Darwin ports system, has announced plans to react to each MoAB bug with a daily, unofficial patch.
/zimages/1/28571.gifClick hereto read about the “Month of Kernel Bugs” project.
Fuller described the move as “part brain exercise, part public service” and promised that, with assistance, he will “attempt to patch the other vulnerabilities, one a day, until the month is out.”
/zimages/1/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis InternetsSecurity IT Hub.
Apple has remained quiet throughout the MoAB project, which is the handiwork of LMH, a mysterious hacker in Europe, and Kevin Finisterre, a well-known security researcher with expertise in Mac OS X issues.
In a statement sent to eWEEK, Apple spokesperson Anuj Nayar said the company “takes security very seriously and has a great track record of addressing potential vulnerabilities before they can affect users.”
“We always welcome feedback on how to improve security on the Mac,” Nayar said. He did not elaborate on the actual MoAB project or the timeline for patches for Mac users.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.