Apple Mac OS X guru combats ‘Month of Apple Bugs’

“A software engineer has vowed to quickly provide a patch for flaws in Apple Computer software that are set to be made public by researchers Kevin Finisterre and the pseudonymous LMH this month,” Tom Espiner reports for CNET News.

Espiner reports, “The vulnerability researchers’ ‘Month of Apple Bugs’ project, launched Monday, promises to announce a hole in Apple software on each day in January. However, a senior open-source developer with extensive experience working for the Mac maker says he is attempting to offer a fix for each flaw found.”

Espiner reports, “Landon Fuller was an engineer in Apple’s BSD Technology Group and is one of the principal architects of Darwin, an open-source, Unix-like operating system designed to work alone or as a core set of components for Mac OS X. He has already offered patches for the two vulnerabilities published by the Month of Apple Bugs project so far.”

Full article here.

Landon Fuller’s fixes and more: http://landonf.bikemonkey.org/code/macosx/

Related articles:
MoAB #2: VLC Media Player udp:// Format String Vulnerability – January 03, 2007
MoAB #1: Apple Quicktime RTSP URL Handling Buffer Overflow Vulnerability – January 02, 2007
Starting January 1st: “Month of Apple Bugs” – December 19, 2006

21 Comments

  1. A secure solution with a solution to get even more secure…what more could we ask for as Apple enthusiasts?
    I wonder if they are letting the bugs out of the bag in order of priority…if so, then I have few worries. The guy should reveal himself and Apple should hire him to do this every day.

  2. You mean one guy and one day (for each) is all it takes to close bugs found in the Apple platform (and 3rd party software)?? That says a lot all by itself. It takes hundreds of resources and months/years on the “other” platform to get any bugs closed.

    There simply is no comparison. Think Different.

  3. Read some of the comments to that article.

    Some misguided Windows users really hate Apple and think that the two researchers, releasing these vulnerabilities to the public first, are heroes.

    As if a few Mac OS X vulnerabilities will make up for the tens of thousands of vulnerabilities found and still to be found in Windows.

    Wake me when a self replicating piece of Mac OS X malware is out in the wild.

    Until then, STFU.

  4. Has it not occurred to, like, everyone that this “Month of Apple Bugs” is also the month leading up to the consumer release (*yawn*) of Vista?

    This whole campaign reeks of the groundswells of public opinion and letters to the editor on behalf of Microsoft that nearly always track back to some PR agency on Microsoft’s payroll. That anyone takes this crap seriously is beyond me…

  5. Great to see the Mac community taking care of its own.

    I’d like to see this in the Windows world.
    Unlikely as Windows is so full of holes that it can’t be plugged without an actual code re-write.

    @ Mr. Peabody – I think they want this to get out in the wild and do serious damage to the public. They hate Apple and in their minds “so what if innocent people get hurt” – IMHO.
    They figure this will put their beloved Microsoft in a better light.

    @ Mike K – I BELIEVE you’ve hit it on the mark.
    It seems too much of a coincidence for this negative press to start now just before the Vista public release, MacWorld and the upcoming release of Leopard.

    This will be just the beginning.
    The M$ group sees the potential threat that is looming and they will do everything in their power to slander Apple/Mac. This is just MHO, of course.

    The mud will get thicker in the days and months ahead.

  6. ROTFL….thanks dude, I needed that… 😀

    Zune Tang
    “Avoid these bugs and come to Vista, baby. Welcome to the social.”

    MDW- Lost. Your post and MDW for the day couldn’t better describe the typical WinTel user’s state, lost. lol

  7. These two hosers are Linux fan-boys. LMH says he works for a company that appears to be selling unix/linux security apps and services. So far their project is a flop. What it has shown is that these are simply anti-Mac geeks with over-inflated egos. I hope they have good lawyers. The class action attorneys must be salivating while they wait for the first real damage caused by an exploit they maliciously release.
