Apple's latest security update allegedly fails to fix some flaws, a security researcher claims.
The repair includes fixes for a number of security flaws publicised by independent researcher Tom Ferris in April. But, Ferris claims, the latest patch doesn't cover other critical holes he reported to Apple. And he is threatening to publish details of these flaws, too.
Ferris told InfoWorld there were still holes in Safari, QuickTime, and the iTunes application that he reported to Apple but were not patched in the latest release. He did not publish details of those holes on his website in April, but he described them as critical flaws that allow remote code execution.
Ferris said he is considering releasing the details of the unpatched holes on May 14 on his website. He also says he has found new holes in OS X affecting TIFF format files and BOMArchiver, an application used to compress files. He did not provide details about the flaws or proof of their existence.
The news emerges as Mac security concerns attract increasing focus and scrutiny, despite the platform's market share.
Anti-virus and security software companies have started offering products for OS X, and there is debate about whether Apple's shift to the same Intel architecture used by Microsoft Windows will change the security posture of Mac systems.
Officially, Apple downplays security holes in its products and new OS X attacks - which are still rare compared to those targeting Windows systems. But some security industry insiders have suggested that the company should appoint a chief security officer to coordinate the company's response to security.
An Apple spokesman did not immediately respond to a request for comment.