Headline Feeds
Apple (Nasdaq: AAPL) released nine patches for Mac OS X on Thursday, including fixes to adjust for new changes in Daylight Savings Time and to address security issues uncovered in the recent "Month of Apple Bugs" report.
Five of the updates are to reflect new rules beginning this year that Daylight Savings Time will begin on the second Sunday in March and conclude on the first Sunday in November -- in other words, beginning earlier and ending later in the year than it did previously. The patches also reflect changes in time zones throughout the world, as well as some Java reliability and compatibility problems.
Another of the updates is to Final Cut Pro version 5.1.3 and includes important bug fixes, according to the company.
'Month of Bugs' Results
The three remaining patches are to address security concerns that were found in the "Month of Apple Bugs" campaign launched in January. Each day that month the campaign revealed undocumented security flaws in OS X or in applications running on top of it.Apple has released the patches in Universal, Panther and PPC versions.
"From time to time you have to correct exposures in any operating system and in any product," Rob Enderle, president and principal analyst at the Enderle Group, told MacNewsWorld. "The Mac guys like to talk about how much more secure their platform is, but any platform being used is going to be a target."
Whereas Microsoft (Nasdaq: MSFT) has made it a practice to issue monthly "Patch Tuesday" security bulletins to address the need for updates in its products, Apple has not made patch releases a regular occurrence.
"For a long time Apple thought security was someone else's problem," Enderle noted. "Now, just like Microsoft, they're coming to the realization that it is their problem, and if they don't fix it, they're going to have angry customers."
Two of Particular Note
Two of the security patches are particularly important, according to Rohit Dhamankar, senior manager of security research for TippingPoint Technologies.
One addresses a flaw in iChat, the popular chatting application, whereby a hacker could "social engineer" a user of iChat -- that is, convince the user to click on a nefarious link -- and gain control of the user's computer, Dhamankar told MacNewsWorld.
The other involved a similar exposure through Finder that could exploit Safari users in the same way, Dhamankar added. "These were very important fixes," he said.
"Just as the good guys uncover vulnerabilities, so will the bad guys," Shane Coursen, senior technical consultant with the Kaspersky Lab, told MacNewsWorld, "and they will take advantage of them. These patches give users the opportunity to at least keep on par with the hackers."
Talkback: 
