Posted by: David Harley | October 13, 2011

Blogs and Patches

[Apparently this is our 200th post on this blog. Sadly, there are no prizes.]

So, the Infosecurity Magazine blog I mentioned previously is now up: Virus Bulletin and the Mac, then and now.

Plenty of more recent action around the Apple orchard, though, mostly around updating and patching:

And Aaron Sigel has flagged a vulnerability in Safari that could be used to allow arbitrary code execution (not applicable to Windows): he reports that

“This allows you to send any “file:” url to LaunchServices, which will run binaries, launch applications, or open content in the default application, all from a web page.”

 Hat tip to Alice Decker of Trend Micro for bringing the vtty posts to my attention.

David Harley CITP FBCS CISSP
Small Blue-Green World/AVIEN/Mac Virus

About these ads

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

Follow

Get every new post delivered to your Inbox.

Join 35 other followers

%d bloggers like this: