October 28th, 2008
Talkback Tuesday: latest MS vulnerability
Everyone was discussing the MS08-067 vulnerability and its out-of-cycle patchlast week. My post on the topic elicited several comments from our readers, including the following by frgough:
If this had been Apple, the article slant would have been all about
poor security models, inherently flawed structure with lots of
adjectives like massive, dangerous, overconfident, etc. thrown into
the mix.
Truth be told, ever since OS/X came out I have gladly contributed a significant portion of my salary to Apple over the years. From a security standpoint, however, Apple has yet to face the same threats that drove Microsoft to develop the Security Development Lifecycle, an process management system created to help grow better software and software engineers. As I discussed in the past, Apple won’t have to face the same sort of threats that are projected at Microsoft until their market share increases. However, I am certain that Apple will step up when and if they begin to experience those issues.
Adam J. O'Donnell, Ph.D. is an R&D engineer who has focused on computer security since 2000. He currently is the Director of Emerging Technologies at Cloudmark, a messaging security company located in San Francisco. See his full profile and disclosure of his industry affiliations.
Subscribe to Zero Day via Email alerts or RSS.
