There is a bit of a fuss being made by Apple fans today, as once again reality contradicts their claims of the invulnerability of their favourite devices. The less serious but still active bug is more an inconvenience than a threat, but having your device crash simply because you visited a webpage is more than a little embarrassing.
The second vulnerability involves SecureAnywhere and while it has been mitigated in recent updates (220.127.116.11) it was unpatched for quite a while. The patch was released several months ago, but it is only this week we are learning about it, with the justification offered to The Register following the usual claims that letting people know might expose more devices to the threat. Security through obscurity can lead to delayed upgrades as users wait to see if a patch has negative effects, while leaving themselves open to attack. In this case the vulnerability was only effective on an already compromised device, hopefully that reduced the number of people targetted.
"Details of a locally exploitable but kernel-level flaw in Webroot's SecureAnywhere macOS security software were revealed yesterday, months after the bug was patched."
Here is some more Tech News from around the web:
- This Xbox 360 is Powered by Steam @ Hack a Day
- Linus Torvalds is taking a break from Linux to wash his soapy mouth out @ The Inquirer
- Quantum Computing and Cryptography @ Linux.com
- Google's search engine for China could link searches to users' phone numbers @ The Inquirer
- Microsoft Windows U-turn Removes Warning About Installing Chrome, Firefox @ Slashdot
- Tracing The Groundwork Of NVIDIA’s Turing Architecture @ Techgage
- Google Remotely Changed the Settings on a Bunch of Phones Running Android 9 Pie @ Slashdot
- Customizing Windows 10's Context Menu: Add, Remove Items & More @ TechSpot