Apple Patches 12 Weaknesses in OS X
On Tuesday Apple released a security update for Leopard and Snow Leopard (unfortunately, no updates for those still using Tiger) that patched 12 vulnerabilities, seven of which were in Adobe Flash Player and one involving secure internet traffic. The security update was much smaller than Apple’s recent update, released in November, that fixed close to 60 flaws.
The Flash Player patches updated it to version 10.0.42.34, the edition that Adobe shipped in December 2009 with Windows and Linux operating systems. Apple bundles Flash Player with its operating system, so it can distribute Adobe patches.
Nine of the 12 issues fixed were described by the phrase “may lead to arbitrary code execution,” which in Apple language means attackers could have exploited and hijacked a Mac due to these flaws.
Another notable problem fixed by this update was a flaw in SSL (secure socket layer) and TLS (transport socket layer) that could have allowed attackers to capture encrypted data. Two security analysts working at PhoneFactor discovered the flaw in August 2009.
Via Computerworld, image via Apple.
Mac OS X 10.6.3 to Address Bugs in Snow Leopard
Apple has begun testing of Mac OS X 10.6.3, the next security and maintenance update to its latest version of OS X, Snow Leopard. So far, the update includes bug fixes for over ninety system components in Snow Leopard. Sources have said it includes 221 code corrections to 92 system components.
The components getting the most attention in this update will be AppKit, CoreMedia, Desktop Services, FileSync, Fonts, HIToolbox, iCal, Mail, MobileMe, and QuickTime Player X. Other improvements will be made to Snow Leopard’s automatic spell correction, as well as crash fixes for AppKit, the Dock, iCal, Mail, Photo Booth, Rosetta, Spotlight, Screen Sharing, and Software Updater, which are reportedly prone to crashes while documents are printing.
The current beta version of this update has four known issues which will hopefully be fixed by the time of its release. They are errors in iTunes, potential anomalies while updating applications, viewing Display preferences, and navigating ColorSync’s Filters tab.
Apple started preparing the update almost a month ago but decided not to release it until after the holidays. The previous update to Snow Leopard, 10.6.2, addressed a very disastrous bug that could delete a user’s account data while logging in and out of a guest account. It also gave support for the Magic Mouse.
Via AppleInsider, image via Apple.
Snow Leopard’s Malware Blocker Goes Unused
One of the many updates in Apple’s new operating system update Snow Leopard was a malware blocker. The blocker scans software downloads for malware, which is a good idea considering recent increases in malware found in pirated Mac software. Though Apple has famously claimed that Macs are safe from the viruses that plague Windows computers, they are not taking any chances and actually recommend the use of third-party security software.
Apparently, Apple has kind of let their malware blocker fall by the wayside. They have not released updates that would help scan for two Trojan horse programs that target Macs, nor have they expanded the malware blocker’s signature base to include many DNS-Changer threats that are specifically targeting Macs. DNS-Changers change a Mac’s DNS server, which then load fake web pages and steal users’ data.
The malware blocker is a great idea, but it could benefit from more attention. The currently available version only scans downloads from certain applications, which include Safari, Firefox, iChat, and Mail. Apple needs to offer more protection on their computers as security threats to Macs increase.
Via ZDNet.
Get Mac OS X 10.6.2 on your Non-Intel Atom-Based Netbook
Hey you! Want to install Mac’s Snow Leopard OS onto your non-Mac netbook? Fortunately with this following hack, you can. A forum member at InsanelyMac posted a patch that allows users to install the Mac OS X 10.6.2 update on their netbooks. Testing has ensued for roughly a week already and the hack seems to be in full operation.
If you have a netbook that has doesn’t come equipped with an Intel Atom-based processor and want to give the the Mac OS X 10.6.2 a try, click here for a link to the patch.
Via TheMacObserver.
Image via SoftSailer.
Mac OS X 10.6.2 (Snow Leopard) Won’t Kill Hackintosh Netbooks
Thank your lucky stars, hackers – even though older iterations of Mac OS X 10.6.2 had didn’t support the Intel Atom, a new seed has re-enabled support for the CPU so you can get back to laughing in Apple’s face over its refusal to make a netbook.
This news comes as Stell’s blog – which announced the problem in the first place - was updated with the following information:
“Anyways, in the latest development build Atom appears to have resurrected itself zombie style in 10C535. The Atom lives another day, but nothing is concrete until the final version of 10.6.2 is out.”
The final release still may not keep support for the Intel Atom CPU, but it unlikely that the feature will be dropped. Hackintoshes hardly cut into Apple sales if they do at all, and excluding them from all the Mac OS X fun would alienate enough people to make it worth it.
Snow Leopard Update Kills Hackintosh Netbooks
We’ve seen some pretty clever and professional Hackintosh netbooks out there, all likely a product of Apple’s unwillingness to join the netbook industry. Unfortunately for those with enough time on their hands to make one, a recent update to Leopard – OS X 10.6.2 – is undermining their hard work.
The culprit is a number of CPU-related changes that render the OS incompatible with Intel Atom CPUs. The Atom runs on the vast majority of netbooks, including the MSI Wind many hackers are fond of for this particular project.
Anyway, if you’re reading this from your Hackintosh just as your Leopard update downloads on Firefox, I suggest you wait for a full release of Leopard to see if Atom compatibility comes your way.
Via Examiner.
