Apple has released an update (10.5.1) for Leopard, which debuted just three weeks ago, that fixes, among other things, three issues with the Application Firewall that could lead network services to be exposed. The company acknowledged Leopard's firewall misleads users with the label "Block all incoming connections" leaving the Mac visible to port scanners, as several researchers had pointed out earlier this month. "This update addresses the issue by more accurately describing the option as 'Allow only essential services,' and by limiting the processes permitted to receive incoming connections under this setting to a small fixed set of system services," said Apple. The other two corrections to the firewall make sure that any application marked not to accept incoming data actually complies, and immediately applies changes to the firewall's settings.
The update also fixes a few bugs that have given early adopters fits, such as a gaffe that cripples some software, including Skype, when the firewall is set to the most flexible option. It also tackles problems formatting drives before they can be used with Time Machine, the integrated backup and restore software. Other non-security fixes address a file copy bug that deleted data if the destination drive suddenly went offline during the job, boost the reliability of iCal in delivering alarms via e-mail, improve Mail's synchronizing with .Mac, makes Windows shared folders both read- and write-enabled when connected via SMB, and resolves an issue with saved passwords on wireless networks. Some reported Leopard troubles, however, did not make the list, including a fix for an intermittent keyboard failure on some MacBook Pro notebooks.
Mac OS X 10.5.1 can be downloaded from the Apple Web site (110MB) or retrieved using Leopard's built-in Software Update feature (40MB).
News source: ComputerWorld