[ISN] January Set As 'Month Of Apple Bugs'

From: InfoSec News (alerts@private)
Date: Wed Dec 20 2006 - 22:33:03 PST


http://www.informationweek.com/news/showArticle.jhtml;?articleID=196701178

By Gregg Keizer
InformationWeek
Dec 20, 2006

A pair of security researchers plan to launch a month-long bug list of 
zero-day Mac OS X and Apple application vulnerabilities starting Jan. 1.

The "Month of Apple Bugs" project, which will be similar to November's 
"Month of Kernel Bugs" campaign, will be hosted by the kernel bug poster 
who goes by the initials "LMH," and his partner, Kevin Finisterre, a 
researcher who has posted numerous Mac vulnerabilities and analyses on 
his own site.

"In the spirit of the other Month of XYZ projects, most of these issues 
will be 0day [sic]," wrote Finisterre in a reply to a message on 
SecurityFocus.

Several of the bugs outed by LMH in the Month of Kernel Bugs affected 
Apple's Mac OS X operating system, including multiple vulnerabilities in 
its wireless implementation.

LMH and Finisterre plan to disclose one Apple flaw each day next month, 
copying the practice first set by researcher HD Moore, who ran a daily 
browser bug blog in July.

The Month of Apple Bugs site is not yet active, but will apparently be 
here [1].

[1] http://projects.info-pull.com/moab


_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
 



This archive was generated by hypermail 2.1.3 : Wed Dec 20 2006 - 22:46:40 PST