Linked by Thom Holwerda on Thu 23rd Jun 2011 22:51 UTC
Mac OS X "Apple has now released Mac OS X 10.6.8, the eighth maintenance update for Snow Leopard, via Software Update. The update offers a number of fixes implemented since the release of Mac OS X 10.6.7 in late March."
Permalink for comment 478440
To read all comments associated with this story, please click here.
Apple's engineers getting better
by 3rdalbum on Fri 24th Jun 2011 09:34 UTC
3rdalbum
Member since:
2008-05-26

Usually, looking at a list of security fixes in Mac OS X updates is like watching The Three Stooges: You laugh at all the buffoonery that's happened.

There's normally a whole bunch of security fixes for things that you'd never believe could make it through quality assurance, such as "Entering a password with three letter A's causes the user's privileges to escalate" and "Guest users can use 'cron' to run malicious code after they've logged out".

To Apple's credit, I had a quick scan through the list of fixes, and there were no thigh-slappingly-hilarious ones. This was about the funniest I could see:

Impact: Visiting a malicious website may lead to files being sent from the user's system to a remote server

Description: A cross-origin issue existed in WebKit's handling of windows. Visiting a malicious website may lead to files being sent from the user's system to a remote server. This issue is addressed through improved tracking of origins.
CVE-ID

CVE-2011-0167

Of course, this might just mean that Apple HASN'T fixed the one that allows a maliciously-crafted PDF to set your printer on fire; but I hope this means that OS X is finally maturing as a secure platform. About time, considering it's over ten years old.

Reply Score: 3