Apple gets security bug scrutiny

Security researchers plan to disclose one Apple vulnerability per day for the month of January.

Share

Security researchers plan to disclose one Apple vulnerability per day for the month of January.

On 1 January, two security researchers will begin publishing details of security vulnerabilities in Apple's products. Their plan is to disclose one bug per day for the entire month, they said yesterday.

The project is being launched by an independent security researcher, Kevin Finisterre, and a hacker known as LMH, who declined to reveal his identity.

Some of the bugs "might represent a significant risk," LMH said in an email interview. "Others have a lower impact on security. We are trying to develop working exploits for every issue we find."

The two hackers plan to disclose bugs in the Mac OS X kernel as well as in software such as Safari, iTunes, iPhoto and QuickTime, LMH said. Some of the bugs will also affect versions of Apple's software designed to run on Microsoft's Windows operating system, he added.

LMH was one of the brains behind the recent Month of Kernel Bugs project, which exposed flaws at the core of several different operating systems. It was inspired by an earlier effort, called the Month of Browser Bugs that was kicked off in July.

This latest Apple project is being launched to raise awareness of security vulnerabilities in Apple's products and to "stomp smugness," Finisterre said.

"Recommended For You"

Month of bug disclosures to focus on Microsoft, Apple and Mozilla Apple patches and updates Mac OS X