Apple on Wednesday released Security Update 2006-001, available for download through Software Update system preference pane and from Apple's Downloads Web page. The update addresses a recently reported exploit that left Safari users vulnerable to malicious shell scripts, corrects a vulnerability in Apple's Mail software, and also changes the way iChat handles file transfers to help prevent the Leap-A malware.
To view parent comment, click here.
To read all comments associated with this story, please click here.
Member since:2005-07-06
Or even better, if a virus utilising the exploit had a payload date, release the patch _after_ that date. I thought Apple were supposed to be professional, only Microsoft are professional enough to stick to patch cycles no matter what, and release a fix after the payload has already been dropped.
1) Microsoft's patch schedule was implemented at the request of their customers.
2) Microsoft has reserved the right to, and has broken from their patch schedule on several occassions if the vunerability was critical and the possibility of exploit was high.
Member since:2005-07-06
Member since:2005-07-06
1) Microsoft's patch schedule was implemented at the request of their customers.
2) Microsoft has reserved the right to, and has broken from their patch schedule on several occassions if the vunerability was critical and the possibility of exploit was high.
No patch schedule pedictability justifies a critical vulnerability's intentionial delay. OP refers to a real example of MS letting knowingly their users out in the cold up until after the X hit the Y.
Member since:
2005-11-10
Or even better, if a virus utilising the exploit had a payload date, release the patch _after_ that date. I thought Apple were supposed to be professional, only Microsoft are professional enough to stick to patch cycles no matter what, and release a fix after the payload has already been dropped.