Apple today released Security Update 2005-009 via Software Update which delivers a number of security enhancements and is recommended for all Macintosh users (Mac OS X 10.4 through 10.4.3, Mac OS X 10.3.9)
This update includes the following components:
• apache_mod_ssl
• CoreFoundation
• CoreTypes
• curl
• iodbcadmin
• OpenSSL
• Safari
• sudo
• syslog
For detailed information on this Update, please visit this website: http://docs.info.apple.com/article.html?artnum=302847
Standalone installers are available here: http://www.apple.com/support/downloads/
Advertisements:
The New iMac G5 – Built-in camera and remote control. From $1299. Free shipping.
Apple USB Modem. Easily connect to the Internet using your dial-up service. $49.00.
The New iPod with Video. The ultimate music + video experience on the go. From $299. Free shipping.
Connect iPod to your television set with the iPod AV Cable. Just $19.00.
Is this one for the bird flu?
no, sans bird flu
If Apple say its good for me – then its good for me. Blindly following – and just fine for it…
Bird flu?! LOL
Gee, I had to download this separately, over here in the UK Software Update doesn’t yet know about this Security Update.
it knows about it in MS-land…. errr Denmark.
This is so those of us with sub-5Meg broadband don’t feel left out.
Patched here okay, BTW.
John, over here in the UK Software Update doesn’t yet know about this Security Update.
Yeah, but you do know your football in ukland
UK Software Update ‘IS’ working, just updated, what you flapping for.
Can’t download the standalone from any browser … weird.
Got it and seems to work o.k. for me so far.
Is this thing like the Sony “security” software?
These Security updates, is this what Microsoft is continually doing (except in a bizzaro way)
Wow – all the security stuff feels snappier now.
I havn’n installed a security update in years. I’ve had no problems.
I wonder if this is in response to that SANS security story? I know Apple is on the ball when it comes to securing OSX unlike some other company we know.
For anyone tempted to smirk and giggle and point out that Mac OS X has to “patch holes” just like Windows, it should be noted that almost all of the “vulnerabilities” found in Mac OS X involve “privilege escalation”, not remote attack. In other words, the vulnerability could allow someone who already has access to your Mac to gain root access, but it couldn’t be used to gain access in the first place.
This is in stark contrast to Windows, where hole after hole in security has allowed attackers to ownz0r your PC from halfway around the world. There just isn’t any comparison.
Hmmm LordMoron, OpenSSH, curl, Safari, apache_mod_ssl all sounds like non-remote holes eh? you dumbass
Mactard (singular). The only remote attack was on Apache. HARDLY an Apple product: it affects any and every system using Apache.
The weaknesses – now removed in Safari – were of the kind that could allow malicious URL execute arbitrary code. Quite serious but not virus-welcoming security holes.
Curl, as for Apache. Not pertaining to OS X: it affected any and every system having curl installed, and was as for Safari issue.
Looks like you lack the correct definition of REMOTE holes. If they need user intervention, ie users visiting malicious websites, they are not REMOTE attacks as the action is initiated locally.
Remote, Mactard, pertains to attacks that infect your computer while you are busy getting screwed by your local Microsoft representative. They do not need user intervention in order to be effective.
Caveat: also being screwed by Microsoft is not a REMOTE hole, as it is your local hole, the weakness is in your brain, and Microsoft needs user intervention in order to screw you.
Don’t know if it is related to the update or not, but as soon as I updated my Apple wireless mouse keeps losing connection.