Apple is tracking a number of supposedly unpatched flaws
in the Mac OS X operating system that could put Mac users at risk
of a cyberattack.
The most serious of the flaws could enable attackers to
surreptitiously run malicious code on users' PCs, said a Mac
security researcher, Tom Ferris, who detailed seven potential flaws
in Apple's operating system.
Five of the flaws identified by Ferris relate to how Mac OS
handles various image file formats, including BMP, TIFF and GIF.
Another flaw involves the way OS X decompresses Zip archives, and
there are said to be several bugs in Apple's Safari browser. Apple
has said it is investigating and addressing the issues, insisting
they are potential vulnerabilities with no known exploits.
Ferris has a track record of releasing information on flaws in
several products, including Apple's iTunes and QuickTime, and the
Firefox Web browser.
Apple has the same problem as Oracle and Microsoft: overzealous
security researchers who seem more concerned with blowing their own
trumpets and naming and shaming than serving users’ needs. On the
other hand, without the attendant publicity, would those
vulnerabilities get fixed?