[Am-info] Security Researcher Claims Apple Update Vulnerable
Eric M. Bennett
ericb@pobox.com
Thu, 18 Jul 2002 10:11:21 -0400
Eric Hopper wrote:
>On Thu, 2002-07-18 at 01:03, Mitch Stone wrote:
>> Yes. Apple posted a security update last week. The vulnerability was
>> mainly theoretical, anyway.
>
>I really dislike the characterization of vulnerabilities in this
>fashion. There have been several Linux and Windows vulnerabilities that
>various researchers or corporate PR people have described as 'mainly
>theoretical' that had nasty exploits out in the wild a week later.
I believe someone posted a link to an example of how to exploit this
to Bugtraq, so there is already at least one example floating around.
But it is nice to see that Apple now issues patches on the order of a
week or two after bugs surface (both this and the recent SSH bug as
well as various Apache issues) rather than many months later.
--
--
Eric Bennett / ericb@pobox.com / emb22@cornell.edu www.pobox.com/~ericb/
Cornell University, Department of Chemistry & Chemical Biology
And so, in my State of the - my State of the Union - or state - my
speech to the nation, whatever you want to call it, speech to the
nation - I asked Americans to give 4,000 years - 4,000 hours over the
next - the rest of your life - of service to America. That's what I
asked - 4,000 hours.
-George W. Bush, Bridgeport, Conn., April 9, 2002