Results 1 to 5 of 5

Thread: Article: Microsoft Could Teach Apple a Lesson about Security

  1. #1
    roraniel's Avatar
    roraniel is offline Gold Member
    Join Date
    Oct 2008
    Location
    Pinehurst, NC
    Posts
    860

    Default Article: Microsoft Could Teach Apple a Lesson about Security

    May 13 2009

    Analysis: Both Apple and Microsoft issued huge patches yesterday -- and it's obvious Apple has much to learn about security.

    Yesterday, both Apple and Microsoft issued whopper security patches. The way they were handled shows that Apple has a lot to learn from Microsoft about security. Here are the four most important ones.



    Patch it faster

    As this latest patch shows, Apple is very slow at fixing security problems with Mac OS X. Two of the security problems were big ones, uncovered in March at the "Pwn2Own" annual hacking contest sponsored by 3Com's TippingPoint. Waiting two months to fix the problems is simply too long. On March 27, Mozilla fixed the security problem found with Firefox. And it turns out that the version of Internet Explorer 8 hacked at the conference wasn't final, and the final version of IE 8 wasn't vulnerable.

    The Apple patch fixed a total of 67 bugs. The Microsoft one fixed only 14. The reason? Microsoft issues these patches regularly, so they're out the door as quickly as possible. Apple waits far longer, and issues them in a bigger batch.

    Read More Here: Microsoft Could Teach Apple a Lesson about Security - PC World

  2. #2
    iMav's Avatar
    iMav is offline Gold Member
    Join Date
    Jul 2008
    Posts
    921

    Default

    Well, Apple has hired OLPC's security chief recently.
    Last edited by iMav; 16th May 2009 at 15:20.

  3. #3
    leofelix is offline Member
    Join Date
    Oct 2008
    Location
    Italy
    Posts
    1,668

    Default

    Thank you roraniel..
    it sounds a little bit funny to me: Microsoft teaching what security is..

    Juts remembering MSAV


    Microsoft provided the last Signature Update for the product in late 1996, at which point it could detect 2,371 virus.

  4. #4
    Corrine's Avatar
    Corrine is offline Gold Member
    Join Date
    Jan 2009
    Location
    Upstate NY
    Posts
    961

    Default

    This update was thanks to Microsoft:

    CVE-ID: CVE-2009-0162

    Available for: Mac OS X v10.5.7, Mac OS X Server v10.5.7, Windows XP or Vista

    Impact: Accessing a maliciously crafted "feed:" URL may lead to arbitrary code execution

    Description: Multiple input validation issues exist in Safari's handling of "feed:" URLs. Accessing a maliciously crafted "feed:" URL may lead to the execution of arbitrary JavaScript. This update addresses the issues by performing additional validation of "feed:" URLs. These issues do not affect systems prior to Mac OS X v10.5. Safari 3.2.3 is included in the Mac OS X v10.5.7 update. Credit to Billy Rios of Microsoft Vulnerability Research (MSVR), and Alfredo Melloni for reporting these issues. {emphasis added}
    About the security content of Safari 3.2.3

  5. #5
    leofelix is offline Member
    Join Date
    Oct 2008
    Location
    Italy
    Posts
    1,668

    Default

    by the way, I think this review

    Microsoft Office for Mac fix falls at first hurdle ? The Register

    looks interesting too

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22