WHILE APPLE DRILLS its black shirts on the mantra that only Microsoft software has holes, while Mac OS X is holy, it has released a bumper load of fixes for its spotty Snow Leopard and Leopard operating systems.
More than 12 vulnerabilities were found in Leopard and Snow Leopard, although no doubt Apple will be keen to shovel the blame onto Adobe's Flash Player, which was directly responsible for a number of the fixes.
However one has to question why it took Apple so long to issue the patches for these problems as the fixes were first released by Adobe in early December. At the time Adobe said they were critical.
Other changes include one in the protocol used to secure Internet traffic but since Apple fanboys believe that faith will prevent their Macs from getting hacked we don't know why Jobs Mob bothered with this one.
Security update 2010-001, the first from Apple this year, is noticeably smaller than the monster issued last November that fixed almost 60 flaws, er, different levels of perfection.
For those who have a little difficulty reading Apple's security updates the phrase "may lead to arbitrary code execution" is Apple's way of saying, "This flaw is so critical that it will wipe your hard-drive, melt your face, cause the return of the Cold War and lead to mass global extinction of the human race unless the patch is installed."
The problem is that Apple can't bear to use the term 'critical vulnerability' and admit it can be used by attackers to hijack a Mac because its marketing machine insists that only happens to computers made by other people.
Other than the patches for Flash Player issues, the most notable fix in the batch is for a flaw in the SSL (secure socket layer) and TLS (transport socket layer) protocols that, if exploited, could let attackers capture or change data that was supposedly protected as it moved between client machines and servers.
This hole was found in August 2009 by Marsh Ray and Steve Dispensa who met with Cisco, IBM, Intel, Microsoft and Nokia last September to work out ways to patch the underlying SSL libraries.
In this admittedly Apple did a lot better than the Vole which has not yet patched the SSL vulnerability in its software. However, it's testing fixes.
We should point out that there are no patches available for the Tiger OS, which Apple has retired from support. Jobs Mob has the quaint requirement that its users have to buy new computers and install new software every two years.
To give users a leg up in their decision making process Apple withdraws support for its older software earlier than other software makers. Windows XP was released in 2001 and is still being supported. Tiger was released in 2005 and isnt. µ
Putting the 'mate' in 'climate change denial'
And it has already claimed a celebrity scalp
Dyson with death
Monitor the over-heads