Apple releases Security Update 2004-06-07

Apple today released Security Update 2004-06-07 delivers a number of security enhancements and is recommended for all Macintosh users. This update includes the following components:

DiskImages
LaunchServices
Safari
Terminal

Mac OS X will now present an approval alert when an application is to be run for the first time either by opening a document or clicking on a URL related to the application.

Security Update 2004-06-07 is available via Software Update.

For detailed information on this Update, please visit this website: http://www.info.apple.com/kbnum/n61798

18 Comments

  1. Oh man
    This is a super monday ” width=”19″ height=”19″ alt=”wink” style=”border:0;” />
    Even a security update?

    First POST

  2. It is not fun thought that these updates needs a restart 🙁
    There goes my perfect uptime record back to the zero 🙁
    I hate that!

  3. To remove Paranoid Android use the installer that came with PA or re-download ( make sure you download the same version) and use the UNINSTALL button instead.

  4. Where is Mr. Blow Chunks and his doom and gloom about Apple Security? Or did this fix come from Apple too quickly (unlike some other software “makers” out there) or was this too insignificant to warrant a tirade and “all those horrible OS problems” are still lurking out there just waiting for an exploit? Come to think of it, haven’t seen any response from Chunks on the comments from me and others on earlier threads … hmmm… wonder why…

  5. Buried, probably in a Thurrotian fashion, they are all desperately looking into Google to fing news of another *proof* of concept and will be back – never mentioning these fixes – glooming: “Ah ha, ANOTHER OS X security weakness (say something from opensource code): it is as swiss cheese as Windows” or similar idiotic statement.

    What can we say, every community has its village idiot. The Mac community has all the +90% market share Windows users as village idiots.

    Do not worry Caesar, we’ll never be short on trolls or idiots.

  6. Yea yea, bitch about my ranting, but it was me that called the alarm several months back when I first saw these exploits appear in a Slashdot thread.

    If Apple wasn’t such a goddamn non-communicative fortress and simply emailed me or call my frigging house if they couldn’t find the post with the link, these exploits would have been fixed long ago.

    I actually thought they were because a security update was issued right after my notifying Apple. So I never gave it another thought.

    So right I was pissed, we have been exposed and keystroke loggers and all sorts of nasties may be a lot of peoples Mac’s right now.

    Only a complete Zero of your hard drive and a fresh install from the disks works. Just because you reformat, files and code can still be read by the Unix underpinnings on empty spaces not overwritten on the drive by the new format.

    Wouldn’t you be pissed? Two of my friends almost had their accounts stolen, the thieves used a keystroke logger, hijacked the email address and was trying to get the bank to issue a new website pass-code to the account.

    So now I’m ready to sue Apple, anybody else in?

    http://forum.folding-community.org/viewtopic.php?t=8158&start=90

    Sign up page for lawsuit, lets get some money.

  7. Blow chunks,

    Read this from the Apple Security Website;

    “For the protection of our customers, Apple does not disclose, discuss or confirm security issues until a full investigation has occurred and any necessary patches or releases are available.”

    Why would Apple call you?

    What a fool you are.

  8. I think Blow Chunks is mad because he told Apple of the very same exploits months before they were public and they ignored him.

    Seeing how Apple fixed the exploits so quickly after they went public, goes to show there was a communication problem at Apple.

    Maybe the folks at Apple were living in a dream world, they thought themselves as superstars, how could they write code so defunct that it allows multiple exploits to occur?

    It was a big wake up call and a severe black eye on Apple, these exploits were extrememely serious. Apple sure looks like Microsoft in my eyes now.

    The black hats had many many months to use this to their own devices, my machine was compromised. Wierd stuff was running, firewall turned off etc.

    They were snooping around all right, so wake up and smell the roses, they are rotten. Don’t let your guard down now that they are supposely fixed.

    I suspect Apple purposely delayed fixing these exploits to get them under Tiger and the hoopla of new toys, iTMS for Europe and all that jazz.

    Notice how Airport Express was introduced right when the security update came out? That’s called diversion, shake the hand, catch the eye while the other hand picks your pocket.

    They knew about the exploits, yet did nothing until their hand was forced by people going public.

    I can’t see how a bunch of very intelligent people and skilled programmers, engineers etc., could let not one, but 8 serious security holes get by.

    I know somewhere in Apple is a engineer or a software programmer shaking his head and saying “I told you it was insecure”

    But ho ho ho, everybody is going to get happy again, now that there is some new toys to lust after.

    I’m not going to rest until I see Steve Jobs grilled in front of the Department of Justic and the company broken up.

    (ok had you going hahah)

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.