Core Security Publishes Apple iCal Vulnerabilities After Apple Fails To Patch

7:30 PM - May 22, 2008 by Jane McEntegart
Source: Tom's Hardware – Category : Miscellaneous
2 comments

Researchers from Core Security Technologies yesterday grew weary of waiting for Apple to release a patch for vulnerabilities in Apple’s iCal application, which they discovered several months ago.

The three vulnerabilities affect iCal v3.0.1, which comes as standard with Mac OS X 10.5.1. One additional bug, in iCal Server, a component of Mac OS X Server, was also found.

The report states,

“Three vulnerabilities discovered in the iCal application may allow un-authenticated attackers to execute arbitrary code on vulnerable systems with (and potentially without) the assistance from the end user of the application or to repeatedly execute a denial of service attack to crash the iCal application.”

Core first got in touch with Apple on January 30th of this year to let the company know they had discovered vulnerabilities in the iCal application and iCal server and that an advisory draft was available. Apple replied the next day and requested said advisory.

Things after that get a little messy. Core repeatedly asked for a release date for patches to fix the bugs (so it could publish the information), while Apple contested the severity of two of the three iCal vulnerabilities and constantly changed the release date of the patch. Core maintained that all three of the flaws were serious, while Apple claimed only one of the iCal bugs was a security vulnerability. Apple also claimed that the server bug was not in the iCal Server but in the Wiki Server.

Apple patched the server problem in its March update; however, no other patches for the iCal bugs were released. Core Security delayed publishing details of the iCal bugs because of Apple’s request for more time. Originally, Apple said the iCal fixes would be included in the March 18 update. It then said late April and, subsequently, early May. Apple finally settled on Monday the 19th as the release date for the fix.

Apple requested further delays on May 10th, and this is when Core decided it had had enough. Core said it would discuss rescheduling, but two days later set the 21st of May as the day it would publish its findings regardless of whether or not Apple released a patch.

As you may have noticed, no patch came. Core Security’s full report, including a timeline and log of correspondence with Apple, is available here.

Talkback
Cuddles 05/23/2008 4:24 AM

But Apple is better!

pereira5375 05/23/2008 8:02 AM

They likely have no or very little infrastructure to fix vulnerabilities as everybody knows Apples aren't vulnerable in the first place.
With Apple sitting around 20% laptop market share the clock is just now starting to tick on that theory.
