123Macmini.com
FAQFAQ   SearchSearch   MemberlistMemberlist   GalleryPhoto Gallery   RegisterRegister   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Apple Releases Security Update 2006-003

 
Post new topic   Reply to topic    123Macmini.com - Forums Forum Index -> 123Macmini.com News and Reviews
View previous topic :: View next topic  
Author Message
admin
Site Admin


Joined: 21 Jan 2005
Posts: 2192
Location: U.S.A

PostPosted: Thu May 11, 2006 5:50 pm    Post subject: Apple Releases Security Update 2006-003 Reply with quote

Apple Releases Security Update 2006-003
Thursday, May 11, 2006

Apple has released Security Update 2006-003 via Mac OS X's Software Update Utility and on the Web. According to the company, Security Update 2006-003 is recommended for all users and improves the security of the following components: AppKit, Bom, CFNetwork, CoreFoundation, CoreGraphics, curl, Finder, Flash Player, Plug-in, ImageIO, LaunchServices, Mail, Preview, QuickDraw, Ruby, Safari, and securityd.



http://www.123macmini.com/news/story/473.html
Back to top
View user's profile Send private message Send e-mail Visit poster's website
picaman
Veteran Member
Veteran Member


Joined: 16 Aug 2005
Posts: 1444
Location: NYC

PostPosted: Fri May 12, 2006 3:00 pm    Post subject: Reply with quote

Two things:

1) If you have an Intel Mac and Adobe CS2 installed, this update may give you problems. See here for the solution before you upgrade:

http://discussions.apple.com/thread.jspa?messageID=2312301#2312301

http://www.macfixit.com/article.php?story=20060512084131713

Apparently one solution is to disable Adobe Version Cue on startup. The update may be causing problems with PPC startup items on Intel Macs.

2) Mac OS X now has zero unpatched known vulnerabilities. Take that, Windows Razz

http://secunia.com/product/96/

Smile

Jamie
Back to top
View user's profile Send private message
kuro
Member
Member


Joined: 27 Oct 2005
Posts: 83

PostPosted: Sat May 13, 2006 5:42 am    Post subject: Reply with quote

picaman wrote:

1) If you have an Intel Mac and Adobe CS2 installed, this update may give you problems. See here for the solution before you upgrade:

http://discussions.apple.com/thread.jspa?messageID=2312301#2312301

http://www.macfixit.com/article.php?story=20060512084131713

Apparently one solution is to disable Adobe Version Cue on startup. The update may be causing problems with PPC startup items on Intel Macs.



Some users are being affected by a different problem. After rebooting the login screen flashes up briefly and then disappears leaving a blue screen. After a while the spinner appears and then the OS drops to the command-line login screen (black screen with login prompt in top-left corner).

It isn't possible to get to the GUI via safe boot mode either. Resetting flash with cmd-opt-P-R doesn't help. Booting from the install CD and repairing permissions or disk (fsck) doesn't help either.

This second issue seems to be affecting some users with PPC Macs and some users with Intel Macs and may be unrelated to the StartupItems iissue.
Back to top
View user's profile Send private message
picaman
Veteran Member
Veteran Member


Joined: 16 Aug 2005
Posts: 1444
Location: NYC

PostPosted: Sat May 13, 2006 6:36 am    Post subject: Reply with quote

I went against my usual policy and installed this update--I have a tendency to wait a few days to see if problems crop up and new versions are issued. That's happened recently with another security update, I think.

I didn't have problems installing to my G4 Mini, but I'd still recommend holding off a few days on this one, especially if there's an Intel Mini involved. I have a feeling that Apple may quietly reissue this one.

Smile

Jamie
Back to top
View user's profile Send private message
iMav
Veteran Member
Veteran Member


Joined: 13 Feb 2005
Posts: 2173
Location: Columbus, WI

PostPosted: Sat May 13, 2006 6:41 am    Post subject: Reply with quote

No problems on my G4 iBook. We'll see how the Intel iMac and Mini goes this afternoon. Smile
_________________
-=iMav=-
http://geekhack.org
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger
MiniMoe
Veteran Member
Veteran Member


Joined: 25 Apr 2006
Posts: 605

PostPosted: Sat May 13, 2006 7:07 am    Post subject: Reply with quote

Which leads me to an interesting question....

How do you install updates from the command line? (assuming you have the problem above or ssh'd remotely into the box)
_________________
Moe
1.66GHz Core-Duo Mini, 2GB/120GB, Apple 23" Cinema HD Display
Apple Wireless Keyboard & Mouse, Apple iSight Camera
Apple USB Modem (for faxing), Bose Companion 2 Speakers
2.0GHz white MacBook 1GB/80GB
Back to top
View user's profile Send private message
iMav
Veteran Member
Veteran Member


Joined: 13 Feb 2005
Posts: 2173
Location: Columbus, WI

PostPosted: Sat May 13, 2006 7:26 am    Post subject: Reply with quote

MiniMoe wrote:
How do you install updates from the command line? (assuming you have the problem above or ssh'd remotely into the box)

$ which softwareupdate
/usr/sbin/softwareupdate
$ softwareupdate --help
usage: softwareupdate <mode> [<args> ...]

-l | --list List all appropriate updates
-d | --download Download Only
-i | --install Install
<label> ... specific updates
-a | --all all appropriate updates
-r | --recommended only recommended updates
-u | --url <url> ... from signed package URLs

Per-user preferences:
--ignore <label> ... Ignore specific updates
--reset-ignored Clear all ignored updates
--schedule (on | off) Set automatic checking

-h | --help Print this help
_________________
-=iMav=-
http://geekhack.org
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger
MiniMoe
Veteran Member
Veteran Member


Joined: 25 Apr 2006
Posts: 605

PostPosted: Sat May 13, 2006 8:09 am    Post subject: Reply with quote

That's GREAT! Thanks!

[edit]Got 'em all 3 installed (from the Dell 8600). Found that I didn't need to use -d because -i downloads them. Installed them one at a time between reboots because they were all "restart" required.
_________________
Moe
1.66GHz Core-Duo Mini, 2GB/120GB, Apple 23" Cinema HD Display
Apple Wireless Keyboard & Mouse, Apple iSight Camera
Apple USB Modem (for faxing), Bose Companion 2 Speakers
2.0GHz white MacBook 1GB/80GB
Back to top
View user's profile Send private message
resuna
Member
Member


Joined: 15 May 2005
Posts: 215

PostPosted: Mon May 15, 2006 11:49 am    Post subject: Reply with quote

picaman wrote:
Mac OS X now has zero unpatched known vulnerabilities.
Open "Safe" Files After Downloading is a vulnerability.

The use of the same set of bindings for helper applications (for URIs and file types) by both Finder and Safari is a vulnerability.

Popping up another "Hi I'm an annoying message you always approve anyway so just click 'Infect Me'" dialog box is not "patching a vulnerability", it's "providing an illusion of security for naive users".
Back to top
View user's profile Send private message
picaman
Veteran Member
Veteran Member


Joined: 16 Aug 2005
Posts: 1444
Location: NYC

PostPosted: Mon May 15, 2006 2:20 pm    Post subject: Reply with quote

My statement referred to the Secunia site's assessment of the situation, which was linked immediately below in my original post. As Secunia is a major purveyor of Mac FUD, that page was amusing to me.

I think it's all in how you define "vulnerability." I agree with you that OS X is deficient in that area, but I also think that no OS is ever going to be invulnerable to social engineering.

Smile

Jamie
Back to top
View user's profile Send private message
resuna
Member
Member


Joined: 15 May 2005
Posts: 215

PostPosted: Mon May 15, 2006 2:40 pm    Post subject: Reply with quote

picaman wrote:
I agree with you that OS X is deficient in that area, but I also think that no OS is ever going to be invulnerable to social engineering.
If it was just "social engineering" I wouldn't have a problem. Anyone can learn not to be "social engineered" by viruses and worms... at work, there are people who have been tricked into downloading an attachment or file and opening it, once. I've never had someone come to me and say "I downloaded and opened a file and I got infected again".

I have had people come to me and say "I clicked the wrong button and I got infected again".

The difference is between a reflex, and a decision. A trained response, and a choice. Pavlovian conditioning, not social engineering.
Back to top
View user's profile Send private message
picaman
Veteran Member
Veteran Member


Joined: 16 Aug 2005
Posts: 1444
Location: NYC

PostPosted: Tue May 16, 2006 7:36 am    Post subject: Reply with quote

resuna wrote:
I've never had someone come to me and say "I downloaded and opened a file and I got infected again".


That's because they are too embarrassed to tell you Razz Laughing

Seriously, your points are well taken. Hopefully Leopard will address this issue.

Smile

Jamie
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    123Macmini.com - Forums Forum Index -> 123Macmini.com News and Reviews All times are GMT - 5 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



      

Shop:  Apple Store  |  Refurbished Macs  |  Refurbished iPads  |  MacConnection  |  Mac Mini Vault  |  Other World Computing

MK 1 Studio Mac mini Racks  |  Crucial Mac Memory  |  Top Free Mac Apps  |  Top Paid Mac Apps



123Macmini.com is an independent publication and has not been authorized, sponsored, or approved by Apple Computer, Inc.
All logos and trademarks in this site are property of their respective owners.
Copyright © 2011 123Macmini.com. All Rights Reserved.