Apple Announces Patches for 26 Major Security Flaws on Macs

Not Again! On May 11, 2006 Apple Computer announced 43 Mac OS X and QuickTime security patches (Security Update 2006-003). This included 31 flaws in the Mac OS X, most of them serious enough to cause arbitrary code execution attacks. In addition, Apple also released QuickTime 7.1 as a major security overhaul to fix 12 code execution and denial-of-service flaws.

Less than three months later, Apple announced patches for yet another 26 security holes. 17 of these 26 security holes could expose the user to an arbitrary code execution. Four of them could lead to disclosure of confidential information and two could cause an application to crash. A local user in three cases could exploit a flaw to gain additional user rights.

That’s a whopping 69 security holes discovered in less than three months…..and you thought Microsoft’s operating systems were full of security holes. These numbers are incredibly high for an OS that was supposed to be secure…..or at least that’s what the perception was.

While Microsoft operating systems such as Windows Server 2003 and Windows XP are becoming increasingly secure, Microsoft’s competitors have had some serious problems with their products. Macs have experienced an unusually high number of security problems as of late. Same is true for Mozilla’s Firefox browser (which happens to be my primary browser). It has been steadily gaining popularity because of the ongoing problems with Internet Explorer, but has its share of security holes lately. As software products become more popular, they tend to attract a lot of attention from the bad guys and become more vulnerable to attacks.

As a Mac user I am hoping this trend won’t continue. As a Windows user I am glad the OS is becoming more secure and stable. Unfortunately, I can’t say that about Internet Explorer (IE).