- Wednesday, 10 February 2010
- INQ Mobile
- RSS
It's not the cough that carried him off, it's the coffin they carried him off in
Apple fixes more bugs
THE BUILDER of high quality and totally secure products that mocks other companies for failing to meet its perfect standards has just released a number of patches to fix its flawed flagship products.
Apple has admitted that its Iphone, Ipod Touch and QuickTime have dangerous security holes and not even the mighty aura of Steve Jobs can protect them.
Common belief amongst the Apple fanboy community is that customers were starting to doubt in the powers of Messiah Steve Jobs and they had been punished with security vulnerabilities which made the product look just as insecure as anything Microsoft put out.
There is a plague of bugs that Apple has released fixes for so we will list some of the more serious ones.
The Iphone OS 3.1 and 3.1.1 has problems with its CoreAudio in that a heap buffer overflow exists in the handling of AAC and MP3 files. If a user opens a maliciously crafted AAC or MP3 file the software will crash.
It also has a dodgy Recovery Mode, which means that a person with physical access to a locked device might be able to access the user's data. There is also a heap buffer overflow in the Recovery Mode command parsing. This could allow anyone with physical access to the device to bypass the passcode and access the user's data.
The shiny happy Iphone operating system also has a fault in its telephony software such that receiving a maliciously crafted SMS message could lead to an unexpected service interruption.
The Iphone's Webkit browser has a memory corruption issue wherein visiting a maliciously crafted website might lead to an unexpected application termination or arbitrary code execution.
Apple has also shipped QuickTime 7.6.4 to cover four vulnerabilities affecting Mac and Windows users.
There is a memory corruption issue that exists in QuickTime's handling of H.264 movie files. Viewing a maliciously crafted H.264 movie file can lead to an unexpected application termination or arbitrary code execution.
There is also a buffer overflow problem in QuickTime's handling of MPEG-4 video files. Opening a maliciously crafted MPEG-4 video file can lead to an unexpected application termination or arbitrary code execution.
QuickTime's handling of FlashPix files can create a heap buffer overflow that causes the software to crash.
There is another heap buffer overflow in QuickTime's handling of H.264 movie files. A maliciously crafted H.264 movie file can lead to an unexpected application termination or arbitrary code execution.
The Iphone and Ipod Touch updates are available via Itunes. The QuickTime patch is being pushed out via the automatic updating software in Mac OS X and Windows.
Meanwhile fanboys are fasting in a bid to show solidarity with Steve Jobs and are praying that he forgives the lack of faith of the French who have been complaining lately that their Istuff has been exploding. µ
Share this:
ShareBusiness Intelligence Software
Customer Relationship Management (CRM)
Enterprise Accounting Software
Enterprise Resource Planning (ERP)
Enterprise Systems Management
Not all of us iPod Touch/iPhone users are constantly downloading porn which would indeed lead the user into encountering those types of malicious files. I guess YOU must though...
Apple = Scientology
Evidence:
a) S. Jobs = R. Hubbard
b) Brainless accolites? On both sides of the equation
c) Brainless RICH accolites? see b)
d) Big-Brotherish behaviour? both
e) Religion status? Apple is not YET officially a religion, but it's getting there
f) Expensive? Oh yeah... both of'em!
g) I-phone = E-meter
h) Attack the Attacker? Sure.... both of 'em!
And I guess YOU never did.
It's just fantastic that Apple is releasing patches in advance of problems. No one knows about them and we can make sure we're secure. They're doing a better job than the M$ ever did.
They've got the best mp3 player and cell phone combo unit's on the market. And it makes all the haters green with envy.
Apple isn't perfect, but they're doing a great job in their market.
Those who have installed 10.6 (Snow Leopard) and have its Optional Quicktime 7 installed have not been updated with fixes to these problems since the fixes are only being supplied to 10.4 (Tiger) and 10.5 (Leopard) users. There is no word from Apple as to why the Bleeding Edge 10.6 users are not being updated.
As true Applpostles know, the only reason bugs appeared in the holy iPhone and iPod was not that Steve Jobs was sick. No, he passed away, and has now risen again as Saint Steven! Now is the age of the second coming of our patron Saint, and all true believers should rush to the Applemart to load up on fruity trinkets, while turning their credit cards a nice apple-y shade of red. Hallelujah!
Who cares -- except when it impedes honest reporting.
"THE BUILDER of high quality and totally secure products that mocks other companies for failing to meet its perfect standards has just released a number of patches to fix its flawed flagship products."
Fantastic opening paragraph there Sir, you have surpassed yourself.
I suppose you think that all of your snarky comments are cute. Unfortunately, your attempts to demean others reflect primarily back on you. By the way, have you any reports that these theoretic vulnerabilities have actually caused a problem for any Apple customers? Any at all? Isn't it nice that Apple provides fixes before any problems occur?
I don't know much about the history of the Inquirer.net but from reading a few of its article in the last couple of weeks, i can see there is a strong anti-Apple bias from the "news" reporting here. Words like "fanboy" and "messiah" have no place in an objective atricle.
I use Windows, OS-X, Linux, and even OS/2 on a daily basis. None are "best" or "worst", or even "good" or "evil." I would expect teenage boys to feud over whose operating system is "best" -- not a news blog that seeks to be taken seriously by a wide range of readers.
QuickTime in Mac OS X 10.6 has been rewritten from the ground up, so you can assume that the bugs are not the same in this version and the previous versions. If there is no bug fix for QuickTime on Mac OS X 10.6, it's because the bugs fixed on Mac OS X 10.4 and 10.5 are not present in the newest version.