March 13, 2006 4:15 PM PST

Apple corrects patch trouble

Related Stories

Mac OS X patch faces scrutiny

March 7, 2006

Apple patches serious Mac OS flaws

March 1, 2006

Mac OS flaw exposes Apple users

February 21, 2006

Bluetooth worm targets Mac OS X

February 17, 2006
Apple Computer on Monday released the second set of Mac OS X security fixes in two weeks.

Security Update 2006-002 corrects problems caused by the company's previous patch and fixes newly discovered security flaws, some of which could let an attacker run code on a computer with the same privileges as the user, the company said on its Web site.

"This Security Update includes some upgrades to our download validation mechanism and strengthens it," Bud Tribble, Apple's vice president of software technology, told CNET "We reduced the number of false positives it gives."

Earlier this month Apple released a security update for its operating system to plug 20 holes. That update added download validation to the Safari Web browser, Apple Mail client and iChat instant-messaging tool. The function warns people that a download could be malicious when they click on the link.

However, download validation has been sounding the alarm on harmless files. "Security Update 2006-001 could cause the user to be warned when provided with certain safe file types, such as Word documents, and folders containing custom icons," Apple said in its security alert. The new update fixes that problem, the company said.

Additionally, Apple's previous update didn't entirely fix the problem. Malicious files could still run without any user action, Apple said. "This update provides additional checks to identify variations of the malicious file types addressed in Security Update 2006-001 so that they are not automatically opened," according to the alert.

The earlier patch also introduced errors with the PHP scripted programming language and "rsync" file transfer utility, Apple said. The PHP issue may prevent SquirrelMail from running and the rsync "--delete" command may not work, the company said. That is now corrected.

The new security update also fixes a pair of newly discovered flaws. One bug is a buffer overflow error in Apple Mail that could be triggered by enticing a user to double click on an e-mail attachment, Apple said. The bug could let an attacker run code in the context of the user, the company said.

The second flaw is related to how Mac OS X handles documents that contain JavaScript. An attacker could craft a file and host it on a remote Web site that would bypass certain access restrictions on a Mac when opened, according to Apple's advisory.

Security-monitoring company Secunia rates Apple's new fix "extremely critical," its highest-risk rating that's not often awarded.

While Apple urges its users to install the patches, there is no immediate risk of attack, Tribble said. "None of these issues are things where there are exploits in the wild," he said. "In a way you can say these are pre-emptive fixes to prevent problems from arising."

The new patch comes after weeks of scrutiny of the safety of OS X, prompted by the discovery of two worms and the disclosure of a serious vulnerability. Security experts also were questioning the effectiveness of Apple's latest patch, suggesting the company should add protection at a deeper level in the system.

Security Update 2006-002 can be downloaded and installed via the Software Update feature in Mac OS X or from Apple Downloads.

See more CNET content tagged:
Apple Computer, security update, attacker, patch, Apple Mac OS X


Join the conversation!
Add your comment
A Fast Response
I'm impressed how quickly Apple responds with their Security
Posted by CBSTV (780 comments )
Reply Link Flag
Good turn around time.
Posted by Sboston (498 comments )
Link Flag
2 staged responses / Very Cool
I'm especially impressed that they released fixes in two stages. Stage one, just something to "Work" and prevent attackers from taking advantage once the flaw was publically released, then a second release as soon as a polished fix was in place.

Most software companies hardly get past stage one.
Posted by wysiwyg22 (41 comments )
Reply Link Flag
Apple apologists are unbelievable
Apple releases a fix that doesnt work, and you guys praise them?
Look, you can **** in a glass and call it Champaign while you toast one another on their wonderful deeds, but at the end of the day it was a total screw-up, both the original problem and the first fix. You same dumb idiots go off on MS when they pull this type of crap, so lets start believing that one set of standards is enough
Posted by catch23 (436 comments )
Reply Link Flag
why are you even bothering?
No Apple Zealot is going to listen to you, or anyone else who offers logical or even empiracl data about a problem or downside to the Mac OSX system. You'll just get the usual hate messages and 'oh your just a ms fanboy/ms troll response'

So why even bother?

Its not like you'll ever change their minds or anything. :)
Posted by techguy83 (295 comments )
Link Flag
'Preemptive' says it all
I'm satisfied. Even Mac-gasmic, JM. Most of the vulnerabilities
never applied to my OS X installation anyway. Squirrel Mail?
Please. I don't even use Mail mail. And, as the Apple spokesman
said (it should have been at the beginning of the article, not the
bottom) there was nothing exploitable.

Why the weird Wintel types want Mac users to be unhappy with our
systems is beyond me.
Posted by J.G. (837 comments )
Reply Link Flag
Mac Envy
Posted by Johnny Mnemonic (374 comments )
Link Flag
Latest Patch
I just downloaded the latest OSX security patch last night for my G5 iMac. I tried to start my computer this morning and NOTHING. It's fried. I have to admit, no hackers will be on my system for quite awhile.
Posted by (1 comment )
Reply Link Flag
I doubt if the patch caused your problem
I've installed it on six machines so far without incident.
Posted by rcrusoe (1305 comments )
Link Flag
If nothing happend then I suggest you check to see if you cat pulled you plug out of the wall. :D
Posted by Sboston (498 comments )
Link Flag
I installed the latest patch and the reboot took me to the normanl grey screen with the apple logo. The little spinning wheel below it started spinning and has kept spinning for over 30 hours now. So much for protection
This Power Mac G4 has been running for 5 plus years with nothing like this happening after a patch. For all the folks that installed on 5 or 6 machines I am truly happy for you. But beleive me. YOUR DAY WILL COME.
Posted by lsawell (2 comments )
Link Flag
I know It's bad form to post external links
But this sums up the argument that is going to ensue way better then I could (requires sound)

<a class="jive-link-external" href="" target="_newWindow"></a>

Why say it yourself when some one else said it better?
Posted by Bob Brinkman (556 comments )
Reply Link Flag
Latest patch is pack of trouble
Security Update 2006-002 has had multiple, serious implications
for many OSX users. I've seen reports from missing desktop icons,
to unusable hyperlinks in mail and applications, to complete
system meltdowns.

Some security patch. I wonder if Apple's quality control is slipping.
Posted by Eric Westra (3 comments )
Reply Link Flag
Can't be too bad....
... I just updated five OS X computers with no problems at all.
Posted by Earl Benser (4310 comments )
Link Flag
free crap
Well, at least you won't be paying for the snafu that Apple made,
when other companies charge you for fixes that do not really work.
But then again, crap is a crap, free or not. Just choose the lesser
Posted by benjiernmd (123 comments )
Reply Link Flag
27 hours ago I downloaded the latest Apple patch/update on my Power Mac G4. It went thru the process and went into restart mode. 30 hours later it's still on the grey page with the black apple siloette and the little thinking wheel is still going around and around. What's up with that? all attempts to recover have failed. The little wheel just keeps on spinning. Is it the eprom battery or a shot drive or what? Does anybody know how to recover from this problem?
Posted by lsawell (2 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.