Monday, July 27, 2009

Apple adds Security Vulnerabilities

Say what you want about Microsoft including Internet Explorer 8 in its Windows Update. At least you already had Internet Explorer installed and IE 8 is a more secure version than what you had. Sending version 8 to computers as part of Windows Update seems a reasonable and necessary thing. What’s Apple’s excuse? Why does Apple want to add security vulnerabilities to my computer and that of my wife, kids, etc.? That’s right: even after many months, nay a year, of outcry about Apple including Safari and MiniMe (sorry – MobileMe) in their “Updates” for iTunes the worm ridden ones are still at it:

Apple-Updates-Wrong

Note the title bar says “Apple Software Updates”. Now, sure – they do say somewhat farther down that "Safari 4” and “MobileMe Control Panel” are new software. However, for folks used to Mozilla Firefox updates every few weeks, Windows Updates once a month (sometimes more), and other security updates – this looks like a needed security update. Never mind that its real purpose is to block Palm Pre owners from accessing the iTunes store. Yesterday I noticed my wife running her updates. Yes, she then had Safari and MobileMe installed. Thanks Apple for ADDING security vulnerabilities to her machine!

That’s right: adding vulnerabilities. Check Secunia here and see that Safari has its share of them – some not patched yet. Any time you add new software – especially a browser – to a machine you are adding vulnerabilities. Apparently Apple is so worried about getting some market penetration for their lame browser that they need to attempt to disguise it as a needed update and then must hope to trick unsuspecting users into clicking it. Not cool Apple! In fact, if your darn iPods didn’t require iTunes in order to update them correctly I wouldn’t have any of your software on any of our machines.

Fortunately in this case, Safari was installed for all of 10 minutes. Here’s hoping that Apple will come to their senses and stop trying to pass off this foistware on folks.

No comments: