September 29, 2006 12:27 PM PDT

Apple releases Mac OS X security update

Related Stories

New Apple patch plugs Wi-Fi hijack flaws

September 21, 2006

Apple updates Mac OS to squash bugs

June 27, 2006
Apple Computer released an update Friday for Mac OS X to fix several vulnerabilities that could allow attackers to execute code on unpatched systems.

A total of 15 security vulnerabilities are fixed in the update, which is available on Apple's Downloads page or through its Software Update service. The update fixes flaws in certain features of Mac OS X and Safari, but also Adobe System's Flash Player.

For example, one of the updates fixes a flaw in Safari that could allow malicious sites to appear as trustworthy destinations, complete with the little lock icon, without proper authentication. In this case, the flaw was fixed by disallowing anonymous SSL (Secure Sockets Layer) connections by default, Apple said.

Also covered by the updates are flaws that could allow arbitrary code execution from a malicious JPEG2000 image and ones that could allow local users to take advantage of failed attempts to log in to a network account. The fixes can be downloaded either as Mac OS X version 10.4.8 or as Security Update 2006-006, Apple said, adding that either download will correct the identified flaws.

Apple last updated Mac OS X 10.4 in June, with several patches and bug fixes delivered as Mac OS X version 10.4.7. Last week Apple issued an update to fix serious flaws in its AirPort wireless driver software that could allow Macs to be hijacked through wireless connections. More information on the current batch of updates can be found on Apple's Web site.

See more CNET content tagged:
flaw, Apple Mac OS, Apple Mac OS X, Apple Computer, Apple Macintosh

26 comments

Join the conversation!
Add your comment
Oh my! All Apple Products are horrible!
While we could go on and on about how X company is horrible about putting out any product that is not 100% perfect, I think it's better to applaud any company that acknowledges a problem and takes steps to fix it whether it be Apple or Microsoft.

Good going, Apple. Glad to see patches coming out for the OS.
Posted by Vegaman_Dan (6683 comments )
Reply Link Flag
I would have posted sooner
I had to stop laughing. It took a while :-)

Yes - ALL SOFTWARE HAS BUGS. (In 1979) I wrote a 5-line BASIC program that had a bug (missing period).

Most of the time though, the problem is NOT the original code - it is that someone is using the software in a way that was not intended - in a way that was NOT specified in the original requirements.

Unless you are working with something like SOA services, fractal realization sucks.
Posted by DryHeatDave (79 comments )
Link Flag
lol
X company(MS) is horrible. They don't have the base security that OSX and Linux has. Therefore it is crap.

OSX is not perfect, no one said it was. However, to claim that Winblows is on the same level of *nix because "all software has flaws" is ignorant at best. It shows a total lack of understanding of software and hardware.

To the other guy who couldn't write a perfect 5 line program(a compiler error isn't a bug btw, it is a syntax error), please avoid programming in the future.

A small, well-written program can be shown to be flawless in design. An OS, or hardware flaw might make that program buggy though.
Posted by qwerty75 (1164 comments )
Link Flag
Apple is being Proactive about Security.
One of the nice things about OS X's UNIX underpinnings is the time
tested security.

That's not to say they won't get hit sometime in the future, but they
treating security as a Feature, not a Liability.
Posted by technewsjunkie (1265 comments )
Reply Link Flag
Funny how people consider Apple to be proactive
Funny how people believe that Apple is proactive whereas when Microsoft releases a fixes then it is too late. I believe this is a perception issue.

No OS is 100% safe and in current market all of them are trying their best to help consumers and protect themselves from BAD RAP.
Posted by Tanjore (322 comments )
Link Flag
One more
If these flaws already exisited and they did not get exploited it is purely because hackers just don't care to exploit Mac OS.
Posted by Tanjore (322 comments )
Link Flag
Not just a security update!
This update is NOT just a security update/patch. When Apple issues those it does NOT do a point upgrade to the OS.

This update covers many, many things from updating how a translating widget works to adding RAW camera image support to the OS. Security patches is only a small part of the update.

Once again it would appear theat c|net is only interested in inaccurate/flamboyant reporting.
Posted by shadowself (202 comments )
Reply Link Flag
Hey CNet!
I was wondering if you could say whether the security update contained in 10.4.8 was the same as that downloaded as a separate update a couple of weeks ago?

Thanks!
Posted by grandmasterdibbler (78 comments )
Reply Link Flag
???
Dude go find it yourself... Is cnet your mother? ===> Google.com
do learn something.
Posted by Mephux (51 comments )
Link Flag
Yes it does
Every 10.x.x update includes all the security patches that have
been released since the prior 10.x.x update. These 15 security
holes that the article refers to are not new - they are the ones
that have been found since 10.4.7 was released and patched
since that time 'til now.
Posted by No invasion of privacy (52 comments )
Link Flag
I see it all the time...
Any time Apple releases ANYTHING with the words "security" in
it, the press goes apeshit. When Microsoft releases a "security
update", it's usually well after a flaw (or usually, MANY FLAWS) is
discovered, exploited or spreading like wildfire. When Apple
releases a "security update", or in this case a SYSTEM UPDATE,
it's usually to patch up a few holes that *could* be exploited.
It's like they're constantly trying to bring Apple down to
Microsoft's level, as far as security is concerned. Since switching
to Mac, I have yet to see my browser hijacked, a virus or a piece
of spyware. Who do these ignorant "journalists" think they are?
It's like they're being payed by Microsoft to write negative
articles about competitors.
Posted by mhersh (78 comments )
Reply Link Flag
apple: proactive, microsoft: reactive.
Its the reason why apple users generally seem more 'smug' to
windows users. Issues are dealt with before they are identified by
others with malicious intent.
Some people might see reporting on every software and security
update as negative press. I see it as further proof that my
investment in a mac was a sound one!
Posted by yikes31 (71 comments )
Link Flag
Not quite
Cnet is a "tech" site and they are simply reporting the "tech" news. When MS releases patches these are reported too whether something is being exploited or not. These articles are to inform the readers that there are patches out there and you should install them. Taking the article personally is your own agenda.
Posted by Charleston Charge (362 comments )
Link Flag
You guys are unbelievable
Whenever a security update comes out for the Mac you report it,
which is understandable, but never do you say that these updates
are for vulnerabilities that as of yet HAVE NOT RESULTED IN ANY
SECURITY PROBLEMS WHATSOEVER and that Apple is fixing them
PREEMPTIVELY. Does Microsoft pay you or what? This biased
reporting has got to stop.
Posted by jimmysix (1 comment )
Reply Link Flag
Take your fingers out of your ears and listen
The reason you never hear about any Mac-OS security issues being reported is because you've got your fingers in your ears and shouting "LA LA LA LA LA I CAN'T HEAR YOU!"

There have been exploits in the past and there will be in the future. Whether or not you wish to acknowledge them is up to you. And before you start with the 'prove it' line, just do a search on past discussions. It's a tired argument and one that is flawed from the start.

Apple did the right thing and posted updates. That's fine and commendable. They could just try hiding it as part of an iTunes update instead and never admit any flaws in the OS which has happened before with various companies including MS, Apple, Xerox, etc.
Posted by Vegaman_Dan (6683 comments )
Link Flag
Apple Has Security Flaws, Just Like Microsoft
Apple's "security advantage" is that it has a miniscule market share, so hackers aren't interested in it.

After all, according to IDC, Apple's worldwide market share is in the "others" category, somewhere below that of Fujitsu/Fujitsu Siemens.
Posted by john55440 (1020 comments )
Reply Link Flag
All operating systems have flaws...
But the biggest difference between Apple and Microsoft is that Apple is serious about it's security.

Funniest thing is that I don't even own a MAC... but they're better than Microsoft for sure... (* LOL *)

Nuff said... (* GRIN *)

Walt
Posted by wbenton (522 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.