Skip to main content

Month of Apple Bugs Releases QuickTime Flaw

The Month of Apple Bugs project—a follow up to a Month of Kernel Bugs and A Month of Browser Bugs—vowed to release details of bugs and securty exploits in Apple’s Mac OS X operating system and popular Mac OS X applications…and the project is off and running, publicizing the details of a possible security exploit in Apple’s QuickTime software by overflowing buffers with specially crafted rtsp:// URLs. The bug impacts QuickTime 7.1.3 for both Mac OS X and Windows.

The Month of Bugs projects have been the center of some controversy; many software developers and security analysts feel it is irresponsible to publish the details of working security vulnerabilities in widely-available software, arguing that only feeds the ever-active malware communities lurking on the Internet’s dark underbelly and the possibility of real-world exploits. The responsible thing to do, they argue, is report the issues to the software vendors and security agencies, and publicize the details only when a patch or fix is available.

On the other hand, the “report and keep quiet” methodology rubs some people the wrong way: if their computers are vulnerable, they want to know the details now, regardless of whether a patch or fix is available, so at least they know what they’re up against. The participants in the Bug a Month projects—such as the “mysterious” programmer operating under the tag “LMH”—have also expressed frustration at the amount of time software developers like Apple and Microsoft take to patch seemingly trivial vulnerabilities.

In any case, it would appear that Apple’s Mac OS X and key applications—certainly not immune to security problems but thusfar spared the malware pain of the Windows world—are under a very public microscope.

Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Apple’s macOS Sonoma has a game-changing feature — literally
A person plays games on a MacBook using a third-party games controller.

Apple’s Worldwide Developers Conference (WWDC) was chock-full of new announcements, and it’s fair to say that between the Vision Pro headset and all of Apple’s new Macs, macOS was far from the biggest new reveal. Yet, there was one new macOS feature that could be absolutely game-changing.

That’s because right now, Mac gaming is in a pretty bad way. Gamers don’t buy Macs because there aren’t enough good games, and developers don’t port their games to the Mac because there aren’t enough people to play them. It’s a chicken-and-egg situation caught in a death spiral.

Read more
It’s time for Apple to finally kill the Mac Pro for good
A close-up of Apple's Mac Pro from 2019 showing the front "cheesegrater" grill and top handle.

The Mac Pro has always been the cream of the crop in terms of performance. That's why its transition to Apple Silicon has been so highly anticipated over these past couple years.

But with the latest reports pointing to yet another delay, it's time to get serious about whether or not an Apple Silicon Mac Pro make any sense at all in the new lineup Apple has created. Given the situation, maybe it's time for Apple to kiss this design goodbye for good.

Read more
Here’s why WWDC could be a ‘critical event’ for Apple
Apple CEO Tim Cook looks at a display of brand new redesigned MacBook Air laptop during the WWDC22

Apple is planning a packed line-up for its Worldwide Developers Conference (WWDC) on June 5, which could become “one of the most critical events in the company’s history.” Aside from the company’s upcoming Reality Pro headset, there will be major updates to Apple’s software systems, including the biggest watchOS revamp since the Apple Watch launched in 2015.

That’s according to a new report from Bloomberg journalist Mark Gurman, who has a history of accurate predictions and leaks surrounding Apple products. It suggests that WWDC will be a chance for Apple to set out its future ambitions for a “post-iPhone era.”

Read more