Apple posts Security Update 2004-05-24 for Mac OS X 10.3.3, 10.2.8

Apple today posted a Mac OS X update to address a theoretical vulnerability in the Help Viewer application that could have been exposed when browsing the web. The update is available automatically to all users through Apple’s free Software Update service or by going to http://www.apple.com/support/downloads/ .

“Apple takes security very seriously and works quickly to address potential threats as we learn of them-in this case, before there was any actual risk to our customers,” said Philip Schiller, Apple’s senior vice president of Worldwide Product Marketing in the press release. “While no operating system can be completely immune from all security issues, Mac OS X’s UNIX-based architecture has so far turned out to be much better than most.”

To maintain maximum system security and stability Apple always advises that all Mac OS X users keep their system current by installing this and all Mac OS X software updates.

Security Update 2004-05-24 for Mac OS X 10.3.3 delivers a number of security enhancements and is recommended for all Macintosh users. This update includes HelpViewer. Security Update 2004-05-24 for Mac OS X 10.2.8 includes HelpViewer and Terminal.

Security Update 2004-05-24 for Mac OS X 10.3.3 is available via Software Update. More information and download link (271KB) here.

Security Update 2004-05-24 for Mac OS X 10.2.8 is available via Software Update. More information and download link (335KB) here.

25 Comments

  1. The problems we are experiencing with Mac’s OS (don’t download and launch anything from unknown sources – DUH!!!) is a far cry from being vulnerable to aps being loaded and running without the user’s knowledge – viruses.

    As others have said numerous times before, Macs are not perfect, they just seem that way when compared to Microsoft’s OS.

    Need something to comapare Mac’s SINGLE problem to? MS Windows have had 78 new viruses show up in the past month. That is more than 2 per day.
    http://securityresponse.symantec.com/avcenter/vinfodb.html#threat_list
    I think I can deal with 1 concern per 5 years much easier than 78 per month!!

  2. Let’s remember that this is an exploit not a virus or even trojan horse. Unlike many of the windows problems, this one requires YOU to go to a specific location to launch the exploit. In this particular case, being a minority OS is probably an advantage since few people will dedicate their website to take advantage of the security hole.
    In any case…Apple is fixing it. ” width=”19″ height=”19″ alt=”grin” style=”border:0;” />

  3. I’ll give the run down

    1: Help Viewer exploit(s) -Patched by Apple

    2: URL scheme exploits – Not Patched

    3: Web link runs script in disk image exploit – Not Patched

    4: Telnet protocol exploit – Not Patched

    This week will go down in Apple history for sure. ” width=”19″ height=”19″ alt=”wink” style=”border:0;” />

  4. Sailfish: cross #4 to user foolishness. Whoever uses telnet instead of ssh is looking for troubles. #3 seems to be treated by configuring the firewall: does not work anymore for me.

  5. The question I ask myself is:

    With Microsoft’s billions – how come they can’t act this fast in sorting out virus or security updates??

    Apple working this fast says a hell of alot about how much they are for their customers!!

    GOOD ONE APPLE – KEEP UP THE GREAT WORK GUYS!!

  6. The mere fact that M$ IS so large means that it can’t act quickly, regardless of the amount of money it has in the bank. They move at the speed of bloat, just like their OS. However, I am still holding out some sliver of hope for Office ’04.

  7. BTW – patch applied successfully; and FWIW never did see any real evidence that this little security problem affected ANYONE adversely or lost any company more than a few minutes time applying said patch, much less any “real dollars”. Personally, I don’t have dmg files open automatically (or any other downloaded files for that matter), use Little Snitch to tell me where the connections are coming from and going to, and that’s only about one-tenth the protection I have to have engaged on my pc at work.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.