OS X Vulnerability Not Patched

According to this CNET article, the security patch that Apple released last week to fix what is being called the Safari vulnerability (inappropriately named since every browser I tested is vulnerable) has failed to fully fix the issue. According to the article, “the biggest problem is that there seems to be no easy solution.”

According to an Unsanity spokesperson, “there’s lots of overlap between useful applications of this functionality and malicious ones, meaning that Apple can’t easily fix this without removing useful features from its operating system and from existing apps.”

While it’s true that it may be tricky to address the issue the OS level, patching the browser is pretty straightforward. I guess the problem is that Apple can’t patch all the browsers you have installed on your machine, so they feel they need to fix it at a lower level, which is fair enough. In the meantime, don’t wait around. There are several fixes out there, the easiest of which is posted right here on this weblog (as long as you are using Firefox, or don’t mind switching to it).

Comments are closed.