[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <018901c39dbc$2e7b4970$6401a8c0@corp.ad.timeinc.com>
Date: Tue, 28 Oct 2003 20:30:05 -0500
From: "Joshua Levitsky" <jlevitsk@...hie.com>
To: "Thor Larholm" <thor@...x.com>, <bugtraq@...urityfocus.com>
Subject: Re: Mac OS X vulnerabilities
----- Original Message -----
From: "Thor Larholm" <thor@...x.com>
Sent: Tuesday, October 28, 2003 2:23 PM
Subject: Re: Mac OS X vulnerabilities
> When most vendors are notified of security vulnerabilities in their
products,
> they produce a patch for the affected versions of the software and
distribute it
> for free. Does Apple plan to distribute a free patch for these security
> vulnerabilities to Mac OS X 10.2, or will my clients have to spend $129
per
> workstation (the single user upgrade price) to have their Apple computer
stay
> secure?
This is the first line of the APPLE-SA-2003-10-28 Mac OS X 10.3 Panther
email sent to the Apple Security list today....
"Mac OS X 10.3 Panther has been released, and it contains the following
security enhancements:"
That sounds like they expect you to upgrade. Time will tell of course. Apple
has only had a real OS for about a year or so. (Everything before 10.2 was
unusable and certainly Mac OS 9.x was a childrens toy, not an OS.)
If Apple is responsible then we should see 10.2 patches backported. I think
it's reasonable that 10.3 patches come, and then 10.2 patches, and Apple
should have some Life Cycle policy to say if everything before 10.2 is EOL
or not. It's all a new world with Apple. Let us hope that they do not let us
down.
--
Joshua Levitsky, MCSE, CISSP
System Engineer
Time Inc. Information Technology
[5957 F27C 9C71 E9A7 274A 0447 C9B9 75A4 9B41 D4D1]
Powered by blists - more mailing lists