Software // Enterprise Applications
News
2/11/2008
07:28 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Apple Releases Mac OS X 10.5.2 And Security Update

The Apple fixes affect Directory Services, Foundation, Launch Services, Mail, NFS, Open Directory, Parental Controls, Samba, Terminal, and X11.

Apple on Monday updated Mac OS X to version 10.5.2 and released Security Update 2008-001 for Mac OS X 10.4.11. Collectively, the two updates address ten security vulnerabilities, one of which includes multiple X11 X Font Server holes, and a bug not considered to be a security risk.

The fixes affect Directory Services, Foundation, Launch Services, Mail, NFS, Open Directory, Parental Controls, Samba, Terminal, and X11. The Directory Services, Mail, and Open Directory issues do not affect those using OS X 10.5 or above. Seven of the vulnerabilities, Apple said, could allow arbitrary code execution.

A flaw in Apple's Parental Controls could expose private information. "When set to manage Web content, Parental Controls will inadvertently contact www.apple.com when a Web site is unblocked," Apple explained in its release note. "This allows a remote user to detect the machines running Parental Controls. This update addresses the issue by removing the outgoing network traffic when a Web site is unblocked."

Apple's Parental Controls feature is not available prior to Mac OS X 10.5.

The Launch Services update patches a flaw in Apple's Time Machine backup software that could have allowed a user to launch an application from the Time Machine backup, even if it has been deleted. While true to the concept of Time Machine as a file recovery tool, such behavior runs contrary to expectation. "Users expect that uninstalling an application from their system will prevent it from being launched," Apple explains.

Apple also fixed flaws in several open source programs that it uses, including the print services application Samba and the X11 windowing framework.

Apple's Monday's patch pales in comparison to the one issued in mid-December, which featured more than 40 fixes.

The new update can be downloaded directly from Apple's site or through the Software Update control panel.

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 27, 2014
Who wins in cloud price wars? Short answer: not IT. Enterprises don't want bare-bones IaaS. Providers must focus on support, not undercutting rivals.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Howard Marks talks about steps to take in choosing the right cloud storage solutions for your IT problems
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.