How Not to Distribute Security Patches

Over the weekend MySpace was hit by a password stealing computer worm that took advantage of a weakness in Apple's QuickTime media player to spread rapidly among the online community's users. On Tuesday, MySpace administrators sent around a memo urging millions of users to download and install a new Apple patch to prevent future copycat attacks.

I think MySpace and Apple deserve credit for a prompt response to an obvious and serious security problem. That said, it appears as though both sides completely fumbled this patch rollout. How Not to Distribute Security Patches - Security Fix

Linked by shanmuga Wednesday, 6th December 2006 11:17PM