Apple security update fixes QuickTime flaw
updated 04:40 pm EST, Tue January 23, 2007
Apple today released Security Update 2007-001, fixing a vulnerability in QuickTime 7.1.3 in various Mac OS X versions that could lead to arbitrary code execution. The buffer overflow exists in QuickTime's handling of RTSP URLs, according to Apple, and is triggered when an unsuspecting user accesses a maliciously crafted RTSP URL. The update addresses the bug -- which was demonstrated in a QTL file that triggers the issue, published earlier this month -- by performing additional validation of RTSP URLs. The vulnerability affects Mac OS X 10.3.9, Mac OS X Server 10.3.9, Mac OS X 10.4.8, Mac OS X Server 10.4.8, and Windows 2000/XP. The update is available for free from Apple's website and is recommended for all users.

so much for MOAB
01/23, 06:04pm reply
MOAB's claim, that Apple either doesn't respond or is hostile to security claims, is clearly nonsense. This fix is right in line with all the other fixes Apple has released, 99% of them with no push from MOAB's tactics.
jpellino
Fresh-Faced Recruit
Joined: Oct 1999
um moab was right
01/23, 09:54pm reply
Apple took 23 days to patch this. Microsoft and many other vendors patch critical security flaws (which this is) much more quickly. Microsoft fixed the wmp file vulnerability in 2 days. Most zero day vulnerabilities in Windows have been fixed within 3 days. Apple took 23 days. For a company that supposedly prides themselves on security that's a LOONG time. Consider this: in many companies, if a zero day flaw appears in Word or Internet Explorer, companies restrict usage of those applications to limit exposure. When the Word zero day flaw hit a couple weeks ago, my company temporarily suspended incoming Word attachments until Microsoft fixed the flaw 2 days later. If Macs were widely used, the equivalent policy would have blocked QuickTime access for 23 days.
fubar_this
Fresh-Faced Recruit
Joined: Jul 2006
security update problem
01/24, 12:24pm reply
There's one other huge problem with Apple's security updates. If you're not an Administrator on your computer (say, for example, you listened to all those experts who say "to restrict exposure to problems, be a normal user and log in as an admin when you have to"), you never get Apple's security updates. Apple doesn't have an "automatically download and install updates" option. The best they've got is "Download and let me know when it's ready", but even that only works for admin accounts.
So, with Apple, you either have to stay in touch constantly with security update bulletins, or log in as an admin user once a week just to see if something's out there.
testudo
Fresh-Faced Recruit
Joined: Aug 2001
Re: security update
01/24, 01:07pm reply
testudo, you are probably a typical PC user. What are you talking about? That just means if you are not an administrator you must not touch anything related to the System. You probably don't own that Mac or you are just a kid that has limited access to it.
If you are the owner, there are no reasons not to be an administrator. There are no "problems" you are talking about, this is not a PC. It is a very secure machine, unless you don't trust yourself or don't know what you are doing.
Gepard
Fresh-Faced Recruit
Joined: Sep 2000
Trouble with the update
01/24, 02:12pm reply
After I installed this update this morning, my Griffin PowerMate programmable control knob stopped responding. I have Griffin Tech Support looking into this issue. Anyone else had problems with this update?
tsmelker
Fresh-Faced Recruit
Joined: Feb 2006
wasted breath gepard...
01/24, 04:21pm reply
Turtle boy's a troll.
Z
zac4mac
Senior User
Joined: Oct 1999
Troll alert
01/24, 06:20pm reply
... so is Fubar.
tsmelker
Fresh-Faced Recruit
Joined: Feb 2006