Bugs, bugs, bugs
 
Various publications are reporting various new Mac OS X “security vulnerabilities” today.
 
The San Jose Mercury News, usually a quite “with-it” paper, finally noticed (or at least reported) some of the security bugs that most others noticed two months ago. Whereas many publications way over-emphasized these bugs’ significance, the Merc seems to have mainly ignored them until now. Why they decided to chime in now is a good question. The article, like most of theirs, is quite well written and only slightly sensationalistic.
 
A number of recent “advisories” published by Tom Ferris of Security-Protocols are also getting some press, for instance in the Washington Post. Most of these advisories point out relatively minor problems with specific types of image files (mainly TIFF files). One is with decoding archives, and one details problems with the Safari Web browser. It’s good to see someone, in addition to Apple, really looking for these types of bugs. Mr. Ferris deserves thanks from all of us, even if some of the issues he’s uncovering (and diligently reporting to Apple) prove to be relatively minor. Right now there’s not really much “the Rest of Us” can do about these potential problems. Just be sure we’re running 10.4.6 (which includes all current security updates) and be on the lookout for the next security update.
Friday, April 21, 2006