Feb 10, 2012 - 05:30 PM EST — AAPL: 493.42 (+0.25, +0.05%) | NASDAQ: 2903.88 (-23.35, -0.8%)

Apple Mac OS X guru combats ‘Month of Apple Bugs’

Wednesday, January 3, 2007 · 3:40 pm · 21 Comments

“A software engineer has vowed to quickly provide a patch for flaws in Apple Computer software that are set to be made public by researchers Kevin Finisterre and the pseudonymous LMH this month,” Tom Espiner reports for CNET News.

Espiner reports, “The vulnerability researchers’ ‘Month of Apple Bugs’ project, launched Monday, promises to announce a hole in Apple software on each day in January. However, a senior open-source developer with extensive experience working for the Mac maker says he is attempting to offer a fix for each flaw found.”

Espiner reports, “Landon Fuller was an engineer in Apple’s BSD Technology Group and is one of the principal architects of Darwin, an open-source, Unix-like operating system designed to work alone or as a core set of components for Mac OS X. He has already offered patches for the two vulnerabilities published by the Month of Apple Bugs project so far.”

Full article here.

Landon Fuller’s fixes and more: http://landonf.bikemonkey.org/code/macosx/

Related articles:
MoAB #2: VLC Media Player udp:// Format String Vulnerability – January 03, 2007
MoAB #1: Apple Quicktime RTSP URL Handling Buffer Overflow Vulnerability – January 02, 2007
Starting January 1st: “Month of Apple Bugs” – December 19, 2006

Categories: MacDailyNews, News

Thank You for supporting MacDailyNews!

Apple Store Online:
• Order iPhone 4s. From $199. Fast, free shipping only at the Apple Online Store.
• New Apple MacBook Pro. Now faster than ever. Starting at $1199, plus free shipping.
• MacBook Air. Available in two utlracompact sizes. Starting at just $999. Fast, free shipping from the Apple Online Store.
• The new iMac. With next-generation quad core processor and advanced graphics. From $1199. Fast, free shipping at the Apple Online Store.
• The new Mac mini. Now up to 2x faster. From $599. Fast, free shipping. Buy now at the Apple Online Store.

Comment Feed

21 Comments

Bizzaro Ballmer

Wednesday, January 3, 2007 - 4:45 pm · Reply

Hero
greatcaffeine

Wednesday, January 3, 2007 - 4:46 pm · Reply

That was fast.
dogfriend

Wednesday, January 3, 2007 - 4:49 pm · Reply

Kudos to Landon Fuller.
John Williams

Wednesday, January 3, 2007 - 4:49 pm · Reply

Still not sure how a VLC issue is considered an Apple bug…
Dolita

Wednesday, January 3, 2007 - 4:53 pm · Reply

much better than those fools who irresponsibly exploit the flaws.
Greg

Wednesday, January 3, 2007 - 5:15 pm · Reply

Kick ass. What a great culture we live in.
Georgy Porgy

Wednesday, January 3, 2007 - 5:37 pm · Reply

A secure solution with a solution to get even more secure…what more could we ask for as Apple enthusiasts?
I wonder if they are letting the bugs out of the bag in order of priority…if so, then I have few worries. The guy should reveal himself and Apple should hire him to do this every day.
Cubert

Wednesday, January 3, 2007 - 5:42 pm · Reply

Gotta love the Mac community!
darrellss

Wednesday, January 3, 2007 - 5:51 pm · Reply

You mean one guy and one day (for each) is all it takes to close bugs found in the Apple platform (and 3rd party software)?? That says a lot all by itself. It takes hundreds of resources and months/years on the “other” platform to get any bugs closed.

There simply is not comparison. Think Different.
Zune Tang

Wednesday, January 3, 2007 - 5:59 pm · Reply

Avoid these bugs and come to Vista, baby. Welcome to the social.
DW

Wednesday, January 3, 2007 - 6:13 pm · Reply

Excellent News!!!
So now everyone can stop whining about how unjust the Month of Apple Bugs project is!
ChrissyOne

Wednesday, January 3, 2007 - 6:14 pm · Reply

In other news, 17,543 software engineers from India are doing the same thing for Vista.
Big Al

Wednesday, January 3, 2007 - 6:25 pm · Reply

Read some of the comments to that article.

Some misguided Windows users really hate Apple and think that the two researchers, releasing these vulnerabilities to the public first, are heros.

As if a few Mac OS X vulnerabilities will make up for the tens of thousands of vulnerabilities found and still to be found in Windows.

Wake me when a self replicating piece of Mac OS X malware is out in the wild.

Until then, STFU.
justme2

Wednesday, January 3, 2007 - 6:27 pm · Reply

There was already a Security Update today — wonder if this might have been for the “bugs” that were found…
Mr. Peabody

Wednesday, January 3, 2007 - 6:29 pm · Reply

I’d still like to know how Finisterre and the LMH group plan on absolving themselves when/if their little exploitation gizmos get into the open and actually do damage to OS X – Really.

Kudos to Mr. Fuller.
Mike K

Wednesday, January 3, 2007 - 6:41 pm · Reply

Has it not occured to, like, everyone that this “Month of Apple Bugs” is also the month leading up to the consumer release (*yawn*) of Vista?

This whole campaign reeks of the groundswells of public opinion and letters to the editor on behalf of Microsoft that nearly always track back to some PR agency on Microsoft’s payroll. That anyone takes this crap seriously is beyond me…
Matrix3

Wednesday, January 3, 2007 - 7:17 pm · Reply

Great to see the Mac community taking care of its own.

I’d like to see this in the Windows world.
Unlikely as Windows is so full of holes that it can’t be plugged without an actual code re-write.

@ Mr. Peabody – I think they want this to get out in the wild and do serious damage to the public. They hate Apple and in their minds “so what it innocent people get hurt” – IMHO.
They figure this will put their beloved Microsoft in a better light.

@ Mike K – I BELIEVE you’ve hit it on the mark.
It seems too much of a coincident for this negative press to start now just before the Vista public release, MacWorld and the upcoming release of Leopard.

This will be just the beginning.
The M$ group sees the potential threat that is looming and they will do everything in their power to slander Apple/Mac. This is just MHO, of course.

The mud will get thicker in the days and months ahead.
Rene

Wednesday, January 3, 2007 - 8:37 pm · Reply

ROTFL….thanks dude, I needed that…

Zune Tang
“Avoid these bugs and come to Vista, baby. Welcome to the social.”

MDW- Lost. Your post and MDW for the day couldn’t better disrcribe the typical WinTel users state, lost. lol
mattyg

Wednesday, January 3, 2007 - 8:43 pm · Reply

good to see even quick fixes are really quick on a mac faster than the fixes on a pc?
eMax

Wednesday, January 3, 2007 - 11:20 pm · Reply

Let the Battle begin!
Zeke

Wednesday, January 3, 2007 - 11:42 pm · Reply

These two hosers are Linux fan-boys. LMH says he works for a company that appears to be selling unix/linux security apps and services. So far their project is a flop. What it has shown is that these are simply anti-Mac geeks with over-inflated egos. I hope they have good lawyers. The class action attorneys must be salivating while they wait for the first real damaged caused by an explolit they maliciously release.