Apple releases dozens of Tiger, Leopard security updates

It's download time again for Mac OS X users, as 31 new security-related fixes for both Tiger and Leopard were made available by Apple Monday afternoon.

The security patches are mostly geared for users of Mac OS X 10.4, known as Tiger, but there's a bunch as well for version 10.5, known as Leopard. They should be automatically pushed to Mac users through the Software Update function, but you can also go to Apple's Web site and download the patches.

A number of serious vulnerabilities, such as ones that could lead to a malicious attack on your system, are fixed with the latest update. This includes several flaws that could lead to a remote attacker executing malicious code on a Mac in programs like Address Book, the Safari browser's RSS feed, and CUPS (common Unix printing system), among other things.

Apple updated QuickTime last week in order to fix an important flaw in that program. As part of Monday's patches, Apple also shipped a patch for Windows users of Safari that was addressed for Mac users as part of the larger series of patches.

[OohYah]

DOZENS of updates?

Give me a break!<br />It was ONE update!! There are many fixes within the one update, <br />but isn't that a normal practice?<br />Seems like this is a little bit of "Sensationalism" here.<br />Gee, lets try to make OS X look as bad as XP or Vista!

[pcbear]

Yes Dozens of updates

yes dozens of update! There were a multitude of updates to different products.

[Tom Krazit]

Each component was updated

Address Book was updated. iChat was updated, CUPS was updated, Core Foundation was updated, Desktop Services was updated, Mail was updated, Launch Services was updated, Safari was updated, Software Update was updated, Spotlight was updated......<br /><br />Yes, I understand, all those updates come in one file. But you're telling me you guys would have been more satisfied with a headline that said "Apple corrects 31 flaws in Mac OS X" or maybe "Dozens of Mac OS X problems, some critical, corrected by Apple?"<br /><br />Somehow, I doubt that.

[DrtyDogg]

Wow

A little sensitive are we? It's OK, lord Jobs is aware of your loyalty and you will be rewarded in the promised land.

[M C]

Did CNet hire Joris Evers back?

Because that was a textbook Evers headline (I think even a plagiarized one).<br /><br />Apple released ONE update that fixed numerous bugs.<br /><br />Didn't you just whine about the mean Mac people crabbing at you for everything? Well, you clearly knew what you were doing here. And you used to be so smart about this stuff...<br /><br />The Jeff Gerstmann reverberations apparently continue.

[email11101498]

Whaa...Tiger, Leopard needs update?

Isn't Tiger and Leopard already perfect without flaws? I thought you never needed fixes or patches for security or vulnerabilities?<br /><br />Surely it's a mistake! <br /><br />BTW, that's really smart of them to figure out a way to patch 31 issues in a single update. Mac is wonderful.

[The_Decider]

clueless

No one said it is perfect.<br /><br />It is, however, way more secure then windows.<br /><br />I will spare you the lecture about flaws vs. exploited flaws since you likely won't be able to understand it.

[roozbehn]

WOW!

I thought Mac's are perfect!!!?<br />so they do have bugs too!!!!

[tanis143]

OMG

I knew as soon as I read this story that macbois would be flaming up a storm. Whenever there is something that could even have a slight chance of possibly flicking a bit of dirt on their pristine white (cough)overrated(cough) computers they start whining as if their favorite Starbucks ran out of creamer. <br /><br />Get a grip.<br /><br />Yes, there were several updates contained in while patch. If multiple applications were updated, each one counts as a separate update regardless of how many files have to download. Apple just packaged all the updates (notice the plural use?) in one handy downloaded file.

[Lee in San Diego]

And of course

"I knew as soon as I read this story that macbois would be <br />flaming up a storm."<br /><br />As soon as Apple issued the update the blogs you find on the <br />magazine rack at the checkout line would have flaming <br />headlines.<br /><br /> "Headless Server Found in Topless Bar!" <br /><br />"Program Caught in a Loop Chews Off its Own Foot!"<br /><br />"Almost Perfect OSX Made Even More Perfect!"

[The_Decider]

Do you know what would be news?

If OSX was actually exploited in the wild.<br /><br />Do you know what is not news?<br /><br />Windows getting successfully attacked.

[Vegaman_Dan]

How about...

The_Decider chooses not to be negative for a change?<br /><br />Look, it's an update. So there is one file or a bunch of files. It doesn't matter- updates are way of life for any OS and that includes Windows and Linux.

[alegr]

Social engineering, anyone?

So called "Windows attacks" is mostly a triumph of plain old social engineering.<br />It won't take long before people start receiving emails: "Urgent notification from Apple: Install this security update". They are already primed to accept as a fact that OS X _needs_ security updates.

[Kings X Rocks!]

Perspective...

But, by using the phrase "security updates" in the title of the article, a shadow of vulnerability is cast on OS X...<br /><br />It is always so comical to read the reactions!

[Lee in San Diego]

Apple labels them Security Updates

Even if most of the fixes were not security related problems Apple <br />still refers to them as Security Updates, see <a class="jive-link-external" href="http://www.apple.com/support/downloads/" target="_newWindow">http://www.apple.com/support/downloads/</a><br /><br />Now the sensational blog headlines are another thing.

[wolivere]

Okay

<a class="jive-link-external" href="http://blogs.pcmag.com/securitywatch/2007/12/unpatched_quicktime_bug_exploi.php" target="_newWindow">http://blogs.pcmag.com/securitywatch/2007/12/unpatched_quicktime_bug_exploi.php</a><br /><br /><a class="jive-link-external" href="http://software.silicon.com/malware/0,3800003100,39162900,00.htm" target="_newWindow">http://software.silicon.com/malware/0,3800003100,39162900,00.htm</a><br /><br /><a class="jive-link-external" href="http://www.itwire.com/content/view/15601/53/" target="_newWindow">http://www.itwire.com/content/view/15601/53/</a><br /><br /><a class="jive-link-external" href="http://findarticles.com/p/articles/mi_zdpcm/is_200611/ai_n19420332" target="_newWindow">http://findarticles.com/p/articles/mi_zdpcm/is_200611/ai_n19420332</a><br /><br />Just a quick search.. but.. oh well

[Seaspray0]

To be fair

All operating systems are not immune from malicious attacks. Please people, stop this nonsense and treat this for what it is... a security update. Like we haven't seen one before? Updates are a good thing. I would worry more about software that doesn't get fixed. I would also recommend you excercise good judgement by keeping your computer updated, using a good firewall, and protecting yourself against viruses. It's common sense like wearing a seatbelt.

[FutureGuy]

Was about to get OS X

thinking that its bug free, only windows gets patches, ohh well, live and learn.

[mikeschr]

RE: Was about to get OS X

You know, I have a feeling this guy wasn't really about to get OS X.

[NewsReader_]

Learning the hard way

This is commercial software folks. Whether it comes from Microsoft, Apple, Sun, IBM, where ever, it is going to have bugs. All of this bickering about which OS is better is pointless.<br /><br />This will not change until consumers are willing to pay more and wait longer for higher quality software. In other words, never.<br /><br />The biggest lesson that Apple followers are going to have to learn is that as your numbers grow; so will the number of defects found. Unless you enjoy eating crow, you may want to pipe down the "My OS is better" rhetoric.

[AppleSuxLeo]

This just in...

Leoptard just renamed Swiss Cheese !

[sagan.nexx]

Not just updates

Remember, the release date was a cut-off for features, but some features that did not make the release date are added to the post-release update(s) e.g. an updated Java run-time. Face it, nothing gets patched more than Windows.