February 11 - 5:15pm EST   IBM's security research and development group, X-Force, has released an annual report that suggests Mac is the most vulnerable operating system. The percentage of patched vulnerabilities compared to the total number of disclosed vulnerabilities was used for the rankings, with Mac OS X and OS X Server each leaving 14.3 percent of the problems unresolved. IBM gave the highest score to its own AIX platform, claiming to have fixed over 96 percent of the vulnerabilities, while Microsoft failed to patch between 5.5 percent and 4.1 percent of the reported issues for its Windows operating systems. [full story]

September 15 - 10:10pm EDT   Apple on Monday unveiled Security Update 2008-006, detailing the various security fixes patched between it and the Mac OS X 10.5.5 update. The updates both resolve a vast number of issues, mostly relating to the remote execution of arbitrary code, many issues resolved were related to performance and password security. Several vulnerabilities could have allowed malicious users to gain access to a list of authenticated users, or to change the password of an unattended station through the login screen. [full story]

June 19 - 9:50pm EDT   Apple on Thursday unveiled a new security update rolled into Safari 3.1.2 for Windows. Which offers users protection against vulnerabilities with the imaging engine, file saving, and malicious code execution. Users could have been affected by maliciously crafted BMP or GIF files, which could allow assailants to learn what is in active memory at any given time. Safari 3.1.2 for Windows is available through Apple Software Update, as well as the company's support page. [full story]

March 18 - 5:15pm EDT   Apple today unveiled Security Update 2008-002, which provides a number of fixes for several system vulnerabilities found in AFP, CUPS, AppKit, and several other system-level resources. Most of the vulnerabilities revolve around maliciously crafted URLs granting access to system-level privileges, while others allow users to bypass system security. The majority of fixes are for Mac OS X 10.4 Tiger and Tiger Server users, while some apply to the 10.5 Leopard equivalents. [full story]

February 11 - 6:00pm EST   Apple's latest Mac OS X Leopard 10.5.2 update and 2008-001 security update for 10.4 Tiger users fixes a number of different vulnerabilities that have existed in a number of different system resources. A stack buffer overflow in Directory Services could allow a local user to execute arbitrary code, while still maintaining system privileges. The issue is resolved by improved bounds checking, and is included with the update. [full story]