If you are using a Mac right now, be sure to get Apple’s latest security update. The update, released today, patches a whopping 92 vulnerabilities, a third of them critical. This security update actually breaks a record established in March 2008—that update patched a mere 90 vulnerabilities.
The latest update fixed flaws in 42 aspects of the operating system, from QuickTime to AppKit. 18 of the vulnerabilities were Leopard-specific, 29 were Snow Leopard-specific, and the remaining 45 affected both Leopard and Snow Leopard (thanks a lot, Apple, for just leaving us Tiger users out all alone with no security updates).
More than 40% of the vulnerabilities were critical and could have been used by attackers to hijack a Mac.
The update did not come as a surprise to many analysts. Apple typically releases updates to iTunes and QuickTime before it releases new products that rely on iTunes. Analysts have also predicted that an iPhone update will be released this week, too.
Via Computerworld, image via Apple.
An update to Apple’s latest operating system, Snow Leopard, is probably going to be released to the public in the near future. The private beta, Mac OS X 10.6.3, available to developers, has been undergoing testing. According to sources familiar with the beta versions, Apple is asking developers to focus on certain applications, such as Mail and QuickTime. In an earlier beta version, developers focused on iCal and fonts.
When Mac OS X 10.6.3 is released, there will be a QuickTime update that provides enhanced security and compatibility. There are still some other issues that will hopefully be solved, including a problem with copying files to a shared Windows volume.
Apple has given developers two betas of this update in very quick succession. It normally only does this if the update is due to be released soon or if there is a dangerous glitch in the system. No dangerous glitches have been reported about this update.
Via Network World, image via Apple.
On Tuesday Apple released a security update for Leopard and Snow Leopard (unfortunately, no updates for those still using Tiger) that patched 12 vulnerabilities, seven of which were in Adobe Flash Player and one involving secure internet traffic. The security update was much smaller than Apple’s recent update, released in November, that fixed close to 60 flaws.
The Flash Player patches updated it to version 10.0.42.34, the edition that Adobe shipped in December 2009 with Windows and Linux operating systems. Apple bundles Flash Player with its operating system, so it can distribute Adobe patches.
Nine of the 12 issues fixed were described by the phrase “may lead to arbitrary code execution,” which in Apple language means attackers could have exploited and hijacked a Mac due to these flaws.
Another notable problem fixed by this update was a flaw in SSL (secure socket layer) and TLS (transport socket layer) that could have allowed attackers to capture encrypted data. Two security analysts working at PhoneFactor discovered the flaw in August 2009.
Via Computerworld, image via Apple.
Apple has begun testing of Mac OS X 10.6.3, the next security and maintenance update to its latest version of OS X, Snow Leopard. So far, the update includes bug fixes for over ninety system components in Snow Leopard. Sources have said it includes 221 code corrections to 92 system components.
The components getting the most attention in this update will be AppKit, CoreMedia, Desktop Services, FileSync, Fonts, HIToolbox, iCal, Mail, MobileMe, and QuickTime Player X. Other improvements will be made to Snow Leopard’s automatic spell correction, as well as crash fixes for AppKit, the Dock, iCal, Mail, Photo Booth, Rosetta, Spotlight, Screen Sharing, and Software Updater, which are reportedly prone to crashes while documents are printing.
The current beta version of this update has four known issues which will hopefully be fixed by the time of its release. They are errors in iTunes, potential anomalies while updating applications, viewing Display preferences, and navigating ColorSync’s Filters tab.
Apple started preparing the update almost a month ago but decided not to release it until after the holidays. The previous update to Snow Leopard, 10.6.2, addressed a very disastrous bug that could delete a user’s account data while logging in and out of a guest account. It also gave support for the Magic Mouse.
Via AppleInsider, image via Apple.
One of the many updates in Apple’s new operating system update Snow Leopard was a malware blocker. The blocker scans software downloads for malware, which is a good idea considering recent increases in malware found in pirated Mac software. Though Apple has famously claimed that Macs are safe from the viruses that plague Windows computers, they are not taking any chances and actually recommend the use of third-party security software.
Apparently, Apple has kind of let their malware blocker fall by the wayside. They have not released updates that would help scan for two Trojan horse programs that target Macs, nor have they expanded the malware blocker’s signature base to include many DNS-Changer threats that are specifically targeting Macs. DNS-Changers change a Mac’s DNS server, which then load fake web pages and steal users’ data.
The malware blocker is a great idea, but it could benefit from more attention. The currently available version only scans downloads from certain applications, which include Safari, Firefox, iChat, and Mail. Apple needs to offer more protection on their computers as security threats to Macs increase.
Hey you! Want to install Mac’s Snow Leopard OS onto your non-Mac netbook? Fortunately with this following hack, you can. A forum member at InsanelyMac posted a patch that allows users to install the Mac OS X 10.6.2 update on their netbooks. Testing has ensued for roughly a week already and the hack seems to be in full operation.
Image via SoftSailer.
Thank your lucky stars, hackers – even though older iterations of Mac OS X 10.6.2 had didn’t support the Intel Atom, a new seed has re-enabled support for the CPU so you can get back to laughing in Apple’s face over its refusal to make a netbook.
This news comes as Stell’s blog – which announced the problem in the first place – was updated with the following information:
“Anyways, in the latest development build Atom appears to have resurrected itself zombie style in 10C535. The Atom lives another day, but nothing is concrete until the final version of 10.6.2 is out.”
The final release still may not keep support for the Intel Atom CPU, but it unlikely that the feature will be dropped. Hackintoshes hardly cut into Apple sales if they do at all, and excluding them from all the Mac OS X fun would alienate enough people to make it worth it.
We’ve seen some pretty clever and professional Hackintosh netbooks out there, all likely a product of Apple’s unwillingness to join the netbook industry. Unfortunately for those with enough time on their hands to make one, a recent update to Leopard – OS X 10.6.2 – is undermining their hard work.
The culprit is a number of CPU-related changes that render the OS incompatible with Intel Atom CPUs. The Atom runs on the vast majority of netbooks, including the MSI Wind many hackers are fond of for this particular project.
Anyway, if you’re reading this from your Hackintosh just as your Leopard update downloads on Firefox, I suggest you wait for a full release of Leopard to see if Atom compatibility comes your way.