As of Jan 1 2007, two security researches started posting a bug a day related to Mac’s OSX. They’re doing this in an attempt to force Apple to be more transparent and active wrt their flaws and fixing their flaws. As of Jan 2 they’ve posted one Media Player Format String Vulnerability and one Quicktime Buffer Overflow in its URL Handler.

This work is being carried out by independent security researcher Kevin Finisterre and a hacker known only as LMH.

While some of the bugs might be lower security risks, some will be significant risks, including exploits in the kernel. Besides OSX, they will also be targeting iTunes, Safari, iPhoto and Quicktime.

For more details you can check out this PCWorld article, or even better yet check out the MOAB’s FAQ page (MOAB == Month of Apple Bugs).

Related posts:

1. Playmobil Security Check Point Toy? WTF?
2. Apple Releases 3 New iPhone Ads
3. Apple Macbook Refresh Q3 2008
4. Rogue Apple Dev With An Anti-War Message?
5. Apple Gets Nervous About Windows Mobile?

Related posts brought to you by Yet Another Related Posts Plugin.