A security researcher and former Apple employee is counteracting the Month Of Apple Bugs (MOAB) project by posting his own unofficial fixes for each MOAB bug.
Landon Fuller, a former engineer in Apple's BSD Technology Group, characterized his plan as "part brain exercise, part public service" and said he will attempt to patch future MOAB flaws as time allows.
The Month Of Apple Bugs is the brainchild of security researchers Kevin Finisterre and L.M.H., and since launching on Tuesday has posted information and exploits on vulnerabilities affecting Apple and Windows versions of QuickTime, as well as the Apple version of the open-source VLC media player.
Though Finisterre and L.M.H. said the only potential workaround for the QuickTime flaw would be to disable the RTSP URL handler, that step wouldn't necessarily work because there are other vulnerable entry points to the application, Fuller noted in a blog post.
Fuller posted fixes on his blog for both vulnerabilities and invited security researchers to send him patches and other information on future MOAB bugs for inclusion in a planned mailing list.
|
Symantec's Code Red: The Law Enforcement/Anonymous E-Mail Exchange Law enforcement officials negotiated via e-mail for more than two weeks with an Anonymous group member trying to extort $50,000 from Symantec to keep stolen product code off the Internet. |
|
How To Sell IT Security Services To Your Customers Cyberattacks can cost a business thousands, even millions, of dollars, and can deal a death blow to some. Here's how IT solution providers can help guard against malicious attacks. |
|
Cybersecurity Experts: What They Know Could Scare You A recent report based on interviews with security experts in government, business and academia finds more than half in agreement that a worldwide arms race is taking place in cyberspace. |
 More
Slide Shows |
- Month Of Apple Bugs Starts With QuickTime Exploit
- Researchers Plan Campaign To Flag Apple Security Flaws
- Researcher Says Intel Macs Could Invite More Exploits
- Microsoft Shows Its Love In Valentine's Day Patch Release
- Worker Abuse Protest Targets Apple, Supplier Foxconn
- Report Says iPad 3 In March; What Do Apple VARs See Ahead?
- Seven Hot Business Apps For Mac OS X
- Insider Threats: The Next Frontier for Security Resellers and SMBs
- Complete Security and Your Bottom Line: Sophos, Value and the Channel
- Tough Threats, Tougher Security: How You Can Leverage New Solutions To Combat A “Targeted Attack” Landscape
- Dark Clouds Ahead: Why the Mid-Market Needs To Ramp Up Cloud Security and How You Can Help Them Get There
