Admittedly, I let Miranda here update every week, but I just checked.
1 Security update, 4.2 MB (about average size.)
Not five. There are 4 listed on the apple website, but they are one each for 10.2.8 and 10.3.3 for the client version and for the server version. This is like having a security update for XP Pro, XP Home, Me, and 2000 released all at once. (or better analogy, like security updates for both NT Server and NT client, and XP Pro and XP Home coming out). Further, these were UNEXPLOITED security holes. So Apple was doing the bright thing and patching holes before they became issues. Stunning. Locking the door before the horse gets out.
And if this makes Sasser look like a nasty nip.... well.... what was doing the nipping? A baracuda? (when I watch my junk mail rates jump from 4-7 a day to 200+ a day on a single account because of a single virus, that's not a nip.)
Quoting from MacSlash, quoting from someone else : Mac Causey writes "Techworld has posted a sensationalist and agenda-driven story entitled "Mac OS X Riddled With Security Holes." The article negatively contrasts OS X security holes that were patched before anyone actually exploited them against the Sasser worm, which calls a "nip" by comparison. How an at-large, wild virus that has cost companies millions of dollars can be called a "nip" compared to theoretical holes that have never been exploited is beyond me. Read the bulletin board responses, they are much more interesting than the article." apple.slashdot.org is also covering this.
Here's the original story:
http://www.techworld.com/security/news/index.cfm?newsid=1497 But I find it suspect considering techworld's reputation as a MS booster. This is not the first time I've come across highly negative articles from this source about Mac. By percent of market share, they tend to beat Mac pretty heavily and by percentage of articles (remember how Gov. Dean got spun - this is the same trick) it's not much better.
On edit, after having learned a bit more about Techworld, I'm even less surprised. They have a rep for letting their advertisers write, or contract out to write, articles for them. Geez, I remember this from my days on the small town weekly - the advertiser who bought the most ad space that week got a feature the next. Further, this article was based on a single security consulting company's report, not on several. That's just bad journalism. If I took that approach to believing what was fed me, I'd be thinking that Faux News was right on the money. Not in politics, not in computers.
So the other patches referred to are old ones that they're pushing because there's no such thing as perfect security. Don't be fooled - nothing is secure.
That said, I feel a lot more comfortable with Miranda and our weekly updates than I ever did with her predecessor, McAfee, Norton, the thrice-weekly MS patches and hypervigilance.
Not to turn this into a MS Versus Mac debate, but dammit, I've got better things to do with my computer than worry about email attachments, security holes, and crashes. So beat me. I'm a user, not a tinkerer. And I'm not boostering for a specific platform (I can't - we've got 6 different platforms in this house, 4 flavors of Unix (including OSX), two of windows.) I'm saying that this is bad journalism, aimed at pleasing the advertisers. Money pushes news in Technology press, too.
Pcat (who should be writing)