I have always been amused when Apple users (or the corporation itself, for that matter) point to the lack of security issues with the platform's software as an indicator of some degree of superiority to the non-platform that is the Personal Computer. I'm not sure what exactly was supposed to be unique about Apples - hardware or software? I guess if it were hardware, now that the Mac line-up is running Intel silicon, the users at least have an out. If that is the case, I won't point out the heresy that is continuing to be an Apple zealot in this post-PowerPC era. But if it was the Apple software developer's Zen-like, omniscient ability to create unbreakable code, then that generation must have moved on to their next lives. Because I'm afraid the first casualty in January's "Month of Apple Bugs" has been delivered:

The QuickTime vulnerability relates to how the media player software handles the Real Time Streaming Protocol, or RTSP, according to an advisory published on the Month of the Apple Bugs Web site. An attacker could create a special RTSP string in a rigged QuickTime file that would cause a buffer overflow, according to the advisory.

"The risk is having your system compromised by a remote attacker, who can perform any operation under privileges of your user account," said LMH, the alias of one of the two security researchers behind the Month of the Apple Bugs. "It can be triggered via JavaScript, Flash, common links, QTL files and any other method that starts QuickTime."

And no, I'm not glossing over the fact that Windows is susceptible to the exploit as well. Because that's just to be expected since it's a piece of junk, right? I'm just enjoying the irony that it's Apple's code this time. :)