Apple Computer on Monday released a security patch that fixes what the company called the first "critical" Mac OS X flaw.
A combination of holes disclosed by security researchers last month could have allowed an attacker to take over a vulnerable Macintosh, though no such exploits have been reported. Apple issued a partial fix last month, but security researchers had said that the Mac remained open to attack. Apple executives had earlier pledged to release a more complete patch, calling the flaw the first critical security issue since Mac OS X was released three years ago.
Apple said that creating the alert dialog box was the best way to prevent a malicious attack, while still preserving a popular feature of the operating system--the ability to open one program via a link from within another program. That feature allows one to send an e-mail directly through a link in a Web page, for instance. "We believe we found a very good simple change in a core service that prevents these unwanted risks," Apple senior vice president Phil Schiller said on Monday. "This update, to the best of our knowledge, should close off the critical risk."
View: Detailed Information About Patch
Download: Security Update 2004-06-07 ( 10.3.4)
Download: Security Update 2004-06-07 ( 10.2.8)
News source: C|Net News.com
A combination of holes disclosed by security researchers last month could have allowed an attacker to take over a vulnerable Macintosh, though no such exploits have been reported. Apple issued a partial fix last month, but security researchers had said that the Mac remained open to attack. Apple executives had earlier pledged to release a more complete patch, calling the flaw the first critical security issue since Mac OS X was released three years ago.
Apple said that creating the alert dialog box was the best way to prevent a malicious attack, while still preserving a popular feature of the operating system--the ability to open one program via a link from within another program. That feature allows one to send an e-mail directly through a link in a Web page, for instance. "We believe we found a very good simple change in a core service that prevents these unwanted risks," Apple senior vice president Phil Schiller said on Monday. "This update, to the best of our knowledge, should close off the critical risk."
View: Detailed Information About Patch Download: Security Update 2004-06-07 ( 10.3.4) Download: Security Update 2004-06-07 ( 10.2.8) News source: C|Net News.com
What's New in This Release:
· Added possibility to select the default project dir.
· Changed the select drive combo boxes, and added icons.
· Fixed the convert Wav to MP3 window so that open and saves shows correctly.
· Fixed an error when canceling test write in the ISO Writer.
· Fixed so that ISO writer open with the default project path.
· Fixed installer so the file msvcr70.dll installs in the system dir.
· Added an option to backup, and restore the option settings. This is useful if you want to restore the values after an uninstall.
· Added a check when canceling a write, now you will get a question if it’s ok to cancel.
· Fixed an error when there is no sound card available in the Audio Writer.
· Fixed the convert MP3 to Wav window so that open and saves shows correctly.
· The size meter will now work without any CD or DVD in the drive.
· Fixed an error in the size bar when adding small files.
· The ISO converter can now handle big .bin files and convert them to .iso.
· Corrected an issue when trying to convert small .nrg files.
· Added the possibility to enable and disable automatic speed detection from the options dialog.
We're doomed!
Or we just need to patch our OS:es when the fixes are released and shut up.
Yeah.
Yea how many times has that been posted lets see about 90,000,000,000,000 times. Who cares its a fix dl it fix it shut up.
Here's a screenshot of the dialog box:
and to the ppl that click no or cancel when they don't understand. yet another 30% or more of those will click yes the next time it comes up (if it's a spyware program trying to gain constant access to the internet).
as long as it "seems" to work. it's "good enough".
sorry if this pisses some ppl off, i just have had very bad experience with desktop support and or tech support. so i do sound kinda one sided, but i've been through the stupidest kind of questions that i hope any techy never needs to hear. lol. anyways! i'm out
now apple has allowed the user to fix the "exploit" part if they want while still having the feature there. although, anyone stupid enough to download an application from a site they don't trust and then type in their system password to allow it to damage critical files is probably stupid enough to just click yes when any dialog pops up.
honestly, i don't really care if these people get infected/screwed with. use anything with that mentality and you should be punished.
MacOSX: It's not as safe as we all thought.
Thanks for sharing. I will sleep much better tonite knowing that some irrelevant fool on an internet message board hates Apple. Go you.
Honestly, if you don't have something intelligent or valid to say, why waste everyones time by posting?
Btw, I don't own an apple, but I'm just tired of the crap that's been going on here as of late. I guess that's what happens when school lets out.
To support Oik's comment - the EARLIEST it could have been IF I was in the US is 8:20PM - thats still over 5 hours past school time isn't it? That's if I'm on the West Coat
If I was on the East coast it would have been at least 11:00 - A bit late for a school kid don't you think?
"Honestly, if you don't have something intelligent or valid to say, why waste everyones time by posting?"
What does that have to say about YOUR intelligence and validity in YOUR post?
Honestly, what crossed through your mind to make you consciously click on an Apple-related link, then post nothing more than a pointless, inflamatory statement that you *know* wouldn't be taken well? Are you that starved for attention? Really...did you expect people to read what you had to say and think "Boy, he's got a point! He does hate Apple! That's incredible and interesting!" You didn't even bother to back up your statement! It was just completely and utterly pointless.
Grow up, or go away.
Besides the point, what does age have to do with this anyway? While I'm not in school anyway, if I was it would have little to do with it. You must be awefully intimidated by the young people of today to lash out with lame school jokes when you have no clue of their age. It only gives the impression that all old tech-enthusiasts like the people on Neowin take their woes out on young people because they want to feel authorative.
I'm allowed to my own opinion, I didn't ask YOU to waste YOUR own time by replying twice. I on the other hand have a great hate for all things Apple and therefore I am entitled to give a short but sweet statement. I could if I wanted to list all the products which are total ****e and point out their flaws but I can't be bothered. I simply summarised my view of Apple in a short line.
I know it won't be taken well but then again I might be showing 'the light' to some people and turn against them against overpriced, crappy products which are so simplified sometimes I wonder if Apple thought they aiming for children 3 years or younger. With this article, I wonder how many critical flaws there are in OSX? Then again Mac users are too stupid to - after all they use Apple products because they obviously think its too hard to have a choice in what hardware to buy, and shop with aesthetics in mind and not performance. So Apple has done it for them. That's why there is only Mac computers, Mac keyboards, Mac mice, Mac OS, iTunes, Mac Routers. Why can Apple boast in their top 2 reasons to switch - "because It Just Works" and "It doesn't crash"? Maybe because everything is made for each other and because Mac users don't have much choice in what they want. It's almost as stupid as claiming that if I had 2 plain cups of water, and mixed them together - I can market it to the end-user by promoting how the mixing of these 2 cups of water will guarantee no chemical explosions or risks 1 cup might contaminate the other.And when you are feeling more thirsty and want a larger cup? No you don't run down to your local shop and buy a "upgraded" mug, you chuck away the older cup and buy a new one. Maybe Apple should put in their top 10 reasons: "Want a faster Mac? Throw it away and buy a whole new one!"
So there you go - just one reason why I hate Apple. I didn't ask you to hate Apple, I'm simply stating my opinion. And you can't say that wasn't completely un-thought of, after all I've just elaborated on my "pointless" comment I originally made.
Last edited by 13833 on 08 Jun 2004 - 05:11
Yeah, well f*cking said. Peace.
Ok why is he too stupid to understand simplicity? he has rasied some very vailid points regarding apple hardware & software in answer to the posts slating him and yet you still come back with a one liner no different and adding NOTHING to the discussion. justify why apple is simplicity? (which is what you seem to be implying)
when YOU can add a valid point to the discussion and back it up feel free to do so don't just slag off other members
MKO your point was very well put
(and yes, I use a Mac)
(and yes, I own a mac)
The Mac community as a whole has "teased" the Windows community about how secure thier OS is compared to Windows. When the truth more than likely is that since Mac holds such a small market share that no one ever bothered to take the time to look for exploits. Or for that matter make virus's. I think those times are changing. The script kiddies out there have found a new toy to screw with.
MAC is really impopular incluing the hackers groups.
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.