Apple Releases 10 'Critical' Security Fixes
Posted by anthony on 25 September 2005 - 03:59 · 27 comments & 3694 views
C|Net News.com is reporting that Apple has released fixes for 10 ‘critical’ flaws in the Macintosh OS X operating system. While no exploits for the flaws were reported, both Symantec and the French Security Incident Response team have said the vulnerabilities were serious and the need to patch them was urgent.

While comment from Apple was unavailable, support pages were updated accordingly. The flaws exposed affected machines to remote attacks using arbitrary commands and e-mail interception. The French Security Incident Response team even warned of possible Denial-Of-Service attacks. This is however only the fourth time this year that Apple has released security fixes for Mac OS X.

View: Full Article @ C|Net News
View: About Security Update @ Apple Support

What's New In This Release:
  • Automated update to streamline product upgrades. Notification of an update is more prominent, and updates to Thunderbird may now be half a megabyte or smaller. Updating extensions has also improved.
  • Spell check as you type.
  • Built in phishing detector to help protect users against email scams.
  • Podcasting and other RSS Improvements.
  • Deleting attachments from messages.
  • Integration with server side spam filtering.
  • Reply and forward actions for message filters.
  • Kerberos Authentication.
  • Auto save as draft for mail composition.
  • Improvements to product usability including redesigned options UI, and SMTP server management.
  • Many security enhancements


There are 27 additional comments
Advertisement
(6 replies) Quote this comment Reply to this comment #1 Posted by Gary_Player on 25 Sep 2005 - 04:21
I patched this up 2 days ago
Quote this comment #1.1 Posted by neufuse on 25 Sep 2005 - 04:33
well good for you, now let the others who havent find out and do it
Quote this comment #1.2 Posted by lare2 on 25 Sep 2005 - 11:26
^^ Well said
Quote this comment #1.3 Posted by parkker on 25 Sep 2005 - 14:51
QUOTE
This is however only the fourth time this year that Apple has released security fixes for Mac OS X


This one had 10 patches.
Augusts's had 34.
June's was 12.
May's was 5.
The one one in May was 21.
April was 1.
The other one in April was 8.
March had 12.
February had 1.
January had 7

And I left out a half dozen Java updates ...

Thats 111 for the year (and the count is really higher)

So your statement I quoted was grossly dishonest.



Last edited by 89591 on 25 Sep 2005 - 14:58
Quote this comment #1.4 Posted by DjmUK on 25 Sep 2005 - 20:24
^^ and Windows doesn't have a lot of updates of Service Packs per year ey
Quote this comment #1.5 Posted by father dagon on 25 Sep 2005 - 21:33
Who said anything about Windows?
Quote this comment #1.6 Posted by sphbecker on 26 Sep 2005 - 12:32
Not sure how Windows entered the conversation, but it normally gets a Service Pack about every 18 months along with monthly patches. Service Packs for Windows are a lot like 3rd digit updates for Apple (ie, 10.4.2 would be kind of like SP2 for 10.4)
Quote this comment Reply to this comment #2 Posted by MarkMS on 25 Sep 2005 - 04:37
I had mine to run automatically. Looks like Symantec has had a busy week with Mozilla and now Apple.
(1 reply) Quote this comment Reply to this comment #3 Posted by macstorm on 25 Sep 2005 - 06:04
<snipped> Also replied comments removed to prevent flame-bait and ... a war

Keep things civil please

Last edited by 28781 on 25 Sep 2005 - 07:07
Quote this comment #3.1 Posted by macstorm on 26 Sep 2005 - 06:09
sorry I didn't want to start.. a war
Quote this comment Reply to this comment #4 Posted by cork1958 on 25 Sep 2005 - 11:22
Uh-oh!! The great Mac attack!!
(6 replies) Quote this comment Reply to this comment #5 Posted by bucko on 25 Sep 2005 - 13:19
Another way to show macs are getting more popular (being mac minis) Apple must be doing well, my point being more people are reporting bugs - more people using apple. My theory anyway.
Quote this comment #5.1 Posted by MarkMS on 25 Sep 2005 - 14:04
You could be right, but then again Linux distros also have updates and some are critical. It could just mean they are trying to stay one step ahead.

Wouldn't it be hard to have tons of minor bugs like on a Windows/Linux where almost no one has the same hardware/software? I mean, essentially everyone on an Apple runs almost the same hardware and software is very limited for OS X. Only difference if maybe a Powermac with different video cards or something.

I'm just saying that it might be easier for Apple since they control the hardware/software. No doubt in my mind, though, that Mac OS X will get exploits like any OS once userbase expands.
Quote this comment #5.2 Posted by the evn show on 25 Sep 2005 - 15:46
QUOTE
Wouldn't it be hard to have tons of minor bugs like on a Windows/Linux where almost no one has the same hardware/software? I mean, essentially everyone on an Apple runs almost the same hardware and software is very limited for OS X. Only difference if maybe a Powermac with different video cards or something.

These are problems with core of the operating system - none of it is device-driver dependent so the hardware argument is moot. Software also doesn't play a roll here because Apple is only patching holes in stuff they ship (Just like Microsoft).

Apple is no further ahead here than anybody else. The only “edge” Apple has is that they're using a lot of open source products in OS X so they benefit from whatever scrutiny and updates that go into those open source projects - but then again so do Linux distributions (and there's no reason Microsoft can't start shipping Apache and OpenSLL too )
Quote this comment #5.3 Posted by Jeremy1 on 26 Sep 2005 - 00:27
QUOTE
there's no reason Microsoft can't start shipping Apache
I don't see why they'd want to though. IIS 6 is much more secure and easier to use than Apache 2. And IIS 7 is going to bury Apache even more.
Quote this comment #5.4 Posted by Mathiasdm on 26 Sep 2005 - 07:02
Yes... Clearly, Apache is getting buried...

Quote this comment #5.5 Posted by Fubar on 26 Sep 2005 - 08:35
in my experiance IIS6 is slow and insecure compared to apache , thats why i switched to apache a few years ago
Quote this comment #5.6 Posted by Stebet on 26 Sep 2005 - 09:42
@Fubar:
Way to blast your foot off. Since IIS6 was released with Windows Server 2003 NOT A SINGLE CRITICAL ISSUE has been discovered in IIS6. Compare that to your precious Apache! Performance of IIS6 is also awesome when coupled with it's caching and compression abilities.

The only issue i have with it is manageability which requires admin privileges to do any changes to the default behavior of websites. That will change with IIS7 however.
(1 reply) Quote this comment Reply to this comment #6 Posted by Amnesia on 25 Sep 2005 - 13:41
well umm... i dont think it was 'people' reporting bugs rather than two companies searching for them.

It says they weren't exploited.

Its kind of nice knowing that they find the bugs before someone else does.
Quote this comment #6.1 Posted by the evn show on 25 Sep 2005 - 15:44
Read the release notes, nearly all of them were discovered by 3rd parties.
They're being patched before they're exploited but not because Apple found them first.
(3 replies) Quote this comment Reply to this comment #7 Posted by EduardValencia on 25 Sep 2005 - 18:00
ooops mac is loosing its touch?
Quote this comment #7.1 Posted by DjmUK on 25 Sep 2005 - 20:25
or, they're getting quicker to identify and fix these little bugs. I actually prefer companies to provide regular updates, it gives me a sense that they're doing what they can and as I always say - I choose to keep all my software/firmware up-to-date.
Quote this comment #7.2 Posted by nacs on 25 Sep 2005 - 20:47
How many separate fixes are in Service pack 1 and 2 for XP again? [Literally hundreds for the not so bright]

I guess by that standard Windows XP lost it's touch a couple months after being released and is now at the bottom of a septic tank.

Troll elsewhere Eduard.
Quote this comment #7.3 Posted by mufdvr3669 on 25 Sep 2005 - 21:07
funny he said nothing of windows, maybe you're the one trolling looking for a little mac vs. windows fight.
Quote this comment Reply to this comment #8 Posted by Neobond on 25 Sep 2005 - 21:43
Good news.
Quote this comment Reply to this comment #9 Posted by Jeremy1 on 26 Sep 2005 - 00:29
An operating system has bugs! OMG!

Seriously, what's the big deal? Anyone who thinks that any OS is immune from security vulnerabilities is kidding themselves.
Quote this comment Reply to this comment #10 Posted by pickleman on 26 Sep 2005 - 00:47
Apple got some worms?
[1]

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.


Scroll to the Top
....
My Preferences
....
Communicating with server
Loading
Please Wait...
....
Loading
 X 
....