By Gregg Keizer
Dec 20, 2006
A pair of security researchers plan to launch a month-long bug list of
zero-day Mac OS X and Apple application vulnerabilities starting Jan. 1.
The "Month of Apple Bugs" project, which will be similar to November's
"Month of Kernel Bugs" campaign, will be hosted by the kernel bug poster
who goes by the initials "LMH," and his partner, Kevin Finisterre, a
researcher who has posted numerous Mac vulnerabilities and analyses on
his own site.
"In the spirit of the other Month of XYZ projects, most of these issues
will be 0day [sic]," wrote Finisterre in a reply to a message on
Several of the bugs outed by LMH in the Month of Kernel Bugs affected
Apple's Mac OS X operating system, including multiple vulnerabilities in
its wireless implementation.
LMH and Finisterre plan to disclose one Apple flaw each day next month,
copying the practice first set by researcher HD Moore, who ran a daily
browser bug blog in July.
The Month of Apple Bugs site is not yet active, but will apparently be
Subscribe to InfoSec News