Posted by: David Harley | March 30, 2010

OS X 10.6.3

The H (Heise) has summarized Apple’s updates, addressing some 65 security holes, here, so I won’t reinvent the wheel in this blog.

There is also an update for Leopard (OS X 10.5.8) so I guess I’d better go and update some machines…

I can’t resist quoting a tweet by Larry Seltzer (@seltzer), though.

One of the vulnerabilities patched today by Apple: CVE-2003-0063. In case you forgot, the current year is 2010.

As he pointed out in another tweet, it sounds like it’ll take a while to get round to the Safari exploit exploited by Charlie Miller in the Pwn2Own contest.

David Harley FBCS CITP CISSP
Mac Virus
Small Blue-Green World
AVIEN Chief Operations Officer
ESET Research Fellow & Director of Malware Intelligence

Also blogging at:
http://www.eset.com/blog
http://avien.net/blog/
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com

About these ads

Responses

  1. Didn’t Microsoft patch a 17 year old DOS bug in XP, etc, as recently as about five or six weeks ago?

    (I might have misremembered the 17. It might have been 16. Or it might have been 19 years old.)

    • I presume you mean CVE-2010-0232. The situation is rather different though. That bug does go back to NT 3.51, but it’s only been known (or at any rate publicly noted) since January. CVE-2003-0063 was originally released in March 2003, so it’s been a known issue for a lot longer than a couple of months. :)


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

Follow

Get every new post delivered to your Inbox.

Join 35 other followers

%d bloggers like this: