About | ACP | Buy | Forum | Industry Watch | Learning Curve | Search | Twitter | Xnews
Home » Industry Watch

OS X Security Update 2006-003 - Update III

Close only counts in horseshoes.


Tom Ferris has released details of the issues not addressed in Apple's 2006-003 security update.

First the good news: most issues were taken care of. Now the bad: several issues were ignored and/or not given due attention so elementary black hat workarounds can still attack your computer.

Also, none of the holes reported on this page have been fixed. These concern Safari and require no user interaction.

Finally, the core vulnerability first reported here has not been fixed either.

Note that even if Apple fix all the critical holes to which Ferris refers, they will still have not addressed the architectural flaws which make accessing the Internet with applications other than Apple's own wrought with danger and otherwise 'safe' with at best a scandalously wobbly security model. These flaws will however require a complete overhaul of the OS X file system and such long awaited improvements may take considerably longer.

See Also
OS X Security Update 2006-003
OS X Security Update 2006-003 - Update
OS X Security Update 2006-003 - Update II

About | ACP | Buy | Forum | Industry Watch | Learning Curve | Search | Twitter | Xnews
Copyright © Rixstep. All rights reserved.