It appears that the Month of Kernel Bugs folks are going to be targetting Mac OS X kernel bugs in January.
Even more annoyingly, January is the month when lots of staff are still likely to be on holidays, so least likely to be able to respond rapidly. Hopefully lots of their computers will be off though (reducing greenhouse gas emissions), perhaps limiting the damage.
Then again, having managed to kernel panic my Mac from within QuickTime for Java the other day, I say bring on the fixes Apple!
Speaking of QuickTime for Java and Security holes, Apple released Security Update 2006-008 which patches a hole which could allow a QuickTime for Java applet to grab an image from your iSight and upload it to the web server. More discussion and a demo link here on Macslash. Assuming you haven’t installed the update yet.