Yes, Mac users are hardly immune to security issues. We’re often content to rest on the laurels of OS X’s UNIX heritage, but how well-deserved is that reputation?
Not very, says Tom Ferris of Security-Protocols, who’s made a habit of digging up software bugs (you might call him a cyberentomologist) for both OS X and Windows, most famously finding a vulnerability in Internet Explorer 7 beta 2 within minutes of release. His latest blog post mentions a number of bugs in OS X, with Safari image handling being an especially egregious offender (you may recall DrunkenBatman’s earlier reporting of the Safari Image of Doom). He’s posted a proof of concept on his site that can crash Mac apps, or even run unauthorized code, by exploiting holes in Safari and OS X.
A number of the bugs that Tom mentions are reputedly scheduled to be fixed in the next security update. I, for one, am glad that Tom’s out there; oddly enough, I sleep better at night knowing that somebody is trying to track down security holes in OS X (I’m a light sleeper).
[via MacCentral]