Let’s be careful out there

The month of Mac exploits has kicked off, with yesterday’s publication of a buffer overflow vulnerability in the latest version of QuickTime. I for one welcome the discussion of possible vulnerabilities on Mac OS X. As a long time user and computer software professional, you can only secure things through design up to a point and the more that Apple and the industry openly investigate and fix these security vulnerabilities, the better off everyone will be. More discussion on Slashdot, including an interesting disputation of the findings—is it possible that the exploit is not as general as claimed?

Update: within 24 hours a fix for the vulnerability has been posted. Interestingly, the fix comes from a former Apple developer and uses Application Enhancer to fix the vulnerability at runtime.