iPatch Before You Get iPwn3d
Did you know that Apple has its own patching festival? On Tuesday they released 48 patches for OSX and other Mac software, including critical updates for the iPhone. I call Tuesday “iBlack Tuesday” for Mac owners who had to go through the very stressful procedure of updating their systems.
I’m the iHacker, and you are iPwn3d.
From Brian Krebs article in the WaPo here:
Apple on Tuesday pushed out security updates to fix at least four dozen security holes in its Mac OS X operating system and other software. Perhaps most notable among the patches are several designed to plug security holes in Apple’s much-hyped iPhone. Also included in the patch bundles was another set of security fixes for the beta version of Apple’s Safari browser designed for use on Microsoft Windows machines.
Apple reports that iPhone users will need to fetch the fixes via iTunes. The instructions, per Apple’s Web site:
Apple appears to have fixed a few vulnerabilities in its implementation of Samba, a suite of programs that facilitate file-sharing between OS X and Windows computers. Exploit code showing bad guys exactly how to attack the flaw to compromise vulnerable Mac systems has been posted online.
Wow, 48 fixes for flaws at once? This surely means that some vulnerabilities were languishing for quite some time pending a patch.