Apple Claims 55 Flash Vulnerabilities Fixed in 10.6.5

[Paul Daniel Ash]

Of the 131 security issues noted as resolved by the new Mac OS X 10.6.5 update, more than half are fixes to third party software, with the overwhelming majority of those having to do with Flash. However, the way Apple fixed the Flash vulnerabilities was just by upgrading the Flash Player plug-in to the latest version, not by making any changes to Mac OS X itself.

The Knowledgebase article about the update lists 55 security vulnerabilities related to Flash Player, 16 having to do with X11, nine about the QuickTime player, one about Safari, and five about specific features in Mac OS X Server that are not present in the desktop version. Another 45 had to do with components of Mac OS X, including updates to the AFP network protocol providing new validation and error signaling, and a fix to the password server to prevent users from logging in with outdated passwords. CoreText and CoreGraphics have also been tweaked to improve handling of a previously-fixed security flaw related to malicious PDF files.

The fact that there were so many identified security issues in the version of Flash Player used in 10.6.4 lends credence to Apple's explanation that the reason MacBook Airs did not ship with the plug-in installed was so that users could download the more secure version themselves. Tests of the new lightweight notebook with Flash installed did show much increased battery consumption, though, and some observers felt the omission had more to do with Apple being able to meet its claims of six-hour battery life. Adobe's chief technology officer Kevin Lynch complained of Apple's "negative campaigning" in an interview with Fast Company magazine, and called Apple's rejection of Flash a "blockade of certain types of expression."

Security Update 2010-007 for Mac OS X 10.5 was also released at the same time as Mac OS X 10.6.5, providing many of the same fixes as well as additional patches to Leopard users. The upgrades are available via Software Update, or by direct download from the Apple Support site.

Source: AppleInsider

[dwkkwd]

That's a lot sorted out.I'll update mine later

[Zokunei]

Lol. Macs had 131 known security issues.

[GreggSymington]

Lol. Macs had 131 known security issues.

Against Windows' 999,999,999,999,999,999,999 etc.

[steve-z17]

Lol. Macs had 131 known security issues.

The key word there being "had"! Windows always HAS at least 131 security issues! lol.

[Zokunei]

I know. But Apple's thing is "Macs don't get *cough Windows cough* viruses." And if you dump IE and turn off Internet history, you don't get any viruses.

[steve-z17]

I know. But Apple's thing is "Macs don't get *cough Windows cough* viruses." And if you dump IE and turn off Internet history, you don't get any viruses.

Wait! That's not true...???? Hehe

[i3urger]

I know. But Apple's thing is "Macs don't get *cough Windows cough* viruses." And if you dump IE and turn off Internet history, you don't get any viruses.

Not anymore there have been viruses made just for the Mac so they can feel special.... I hate viruses like everyone else that can get them. Y people make them, stupid

[EskimoRuler]

Trojans are more popular on macs than viruses I think

[Nips_19]

Lol. Macs had 131 known security issues.

In fact, according to AppleInsider, while 42% of the 131 vulnerabilities patched by 10.6.5 address Apple's own code, an equal number relate to Adobe Flash. That revelation adds some perspective to Apple's public denigration of Flash.

HTML 5 FTW

**** Flash. its a buggy "missing plug in" mess!

[rocky5]

I hate this, windows has viruses, only if you download them just like mac osx pirated copie, they come with viruses.
If there were none then why the hell do you get antivirus software for a mac?

Also I would like to see the vunranilities, as jobs will do anything to discredit Flash as to hype up HTML5.

You only get viruses buy downloading them period.

You don't get them by browsing the web, you could get malware by browsing the net.

Apple fanboys go do your reserch before jumping on the windows hate wagon.

As

[Zokunei]

I hate this, windows has viruses, only if you download them just like mac osx pirated copie, they come with viruses.
If there were none then why the hell do you get antivirus software for a mac?

Also I would like to see the vunranilities, as jobs will do anything to discredit Flash as to hype up HTML5.

You only get viruses buy downloading them period.

You don't get them by browsing the web, you could get malware by browsing the net.

Apple fanboys go do your reserch before jumping on the windows hate wagon.

As

That's not true. I use Windows. If you have Internet history turned on, it will download a bunch of .tmp files that can be exploited. Before I turned off Internet history I had at least twenty trojans and viruses every time I ran a scan. My AVG software tells me the file path of the virus. 99% of the time it was in the Internet history. Literally.

[Antman217]

I hope more sites update to HTML 5 soon. Currently I only need two more sites that I visit to update to HTML 5 and I can uninstall flash. Btw if u uninstall flash will that mean less ads?

[rocky5]

That's not true. I use Windows. If you have Internet history turned on, it will download a bunch of .tmp files that can be exploited. Before I turned off Internet history I had at least twenty trojans and viruses every time I ran a scan. My AVG software tells me the file path of the virus. 99% of the time it was in the Internet history. Literally.

I use firefox and avira as AVG 8 is dung, it used to tell me files I made (batch files) were viruses so I uninstalled it and never looked back.

Also what porn/warez sites you on, as these are the number 1 sites for malware, this is what you get (malware downloads viruses)

Also install a new host file search updated host file, this blocks thousands of malware sites.

And last but not lease install spywareblaster and you all set.


What I use and have no viruses.

Avira antivirus
New host file
Spywareblaster

No viruses not spyware no nothing.

Btw if u uninstall flash will that mean less ads?

No because if the site had adds and support html5 then the adds will be html5 adds instead of flash ones.

A site can't just change to html5 and not have adds that's where they make most of there profits.

[Zokunei]

I get no viruses now. Read my posts damn it.

[Zokunei]

I hope more sites update to HTML 5 soon. Currently I only need two more sites that I visit to update to HTML 5 and I can uninstall flash. Btw if u uninstall flash will that mean less ads?

Seriously, get Firefox and install the Ad Block Plus add-on. Go to tools>add-ons>Get Add-ons in the toolbar and search Ad Block Plus.

[athleticswimmer]

Against Windows' 999,999,999,999,999,999,999 etc.

sir I believe it's 1,000,000,000,000,000,000,000 etc. you were off by 1.

[Antman217]

Seriously, get Firefox and install the Ad Block Plus add-on. Go to tools>add-ons>Get Add-ons in the toolbar and search Ad Block Plus.

Nah I got adblock for safari 5 and it works fine.

[CaryDude]

All those fixes, but nothing with the apfirewall blocking DHCP offers, especially over Airport interfaces en1. You can add configd, krb5kdc, nbmd and whoever else you want, and it still takes forever to get an IP address over Airport. Drop in Little Snitch, though, and WHAM! There it is right away. Grrr!

[Cer0]

I love Little Snitch. One of those must have apps for OSX.