Apple is tracking a number of supposedly unpatched flaws in the Mac OS X operating system that could put Mac users at risk of a cyberattack.
The most serious of the flaws could enable attackers to surreptitiously run malicious code on users' PCs, said a Mac security researcher, Tom Ferris, who detailed seven potential flaws in Apple's operating system.
Five of the flaws identified by Ferris relate to how Mac OS handles various image file formats, including BMP, TIFF and GIF. Another flaw involves the way OS X decompresses Zip archives, and there are said to be several bugs in Apple's Safari browser. Apple has said it is in the process of investigating and addressing the vulnerabilities, insisting they are potential vulnerabilities, with no known exploits.
Ferris has a track record of releasing information on flaws in several Apple products, including iTunes, QuickTime, and the Firefox Web browser.
Apple has the same problem as Oracle and Microsoft: overzealous security researchers who seem more concerned with blowing their own trumpets and naming and shaming than serving users’ needs. On the other hand, without the attendant publicity, would those vulnerabilities get fixed?