Apple Releases Mac OS X 10.5.2 And Security Update
The Apple fixes affect Directory Services, Foundation, Launch Services, Mail, NFS, Open Directory, Parental Controls, Samba, Terminal, and X11.
Apple on Monday updated Mac OS X to version 10.5.2 and released Security Update 2008-001 for Mac OS X 10.4.11. Collectively, the two updates address ten security vulnerabilities, one of which includes multiple X11 X Font Server holes, and a bug not considered to be a security risk.
The fixes affect Directory Services, Foundation, Launch Services, Mail, NFS, Open Directory, Parental Controls, Samba, Terminal, and X11. The Directory Services, Mail, and Open Directory issues do not affect those using OS X 10.5 or above. Seven of the vulnerabilities, Apple said, could allow arbitrary code execution.
A flaw in Apple's Parental Controls could expose private information. "When set to manage Web content, Parental Controls will inadvertently contact www.apple.com when a Web site is unblocked," Apple explained in its release note. "This allows a remote user to detect the machines running Parental Controls. This update addresses the issue by removing the outgoing network traffic when a Web site is unblocked."
Apple's Parental Controls feature is not available prior to Mac OS X 10.5.
The Launch Services update patches a flaw in Apple's Time Machine backup software that could have allowed a user to launch an application from the Time Machine backup, even if it has been deleted. While true to the concept of Time Machine as a file recovery tool, such behavior runs contrary to expectation. "Users expect that uninstalling an application from their system will prevent it from being launched," Apple explains.
Apple also fixed flaws in several open source programs that it uses, including the print services application Samba and the X11 windowing framework.
Apple's Monday's patch pales in comparison to the one issued in mid-December, which featured more than 40 fixes.
The new update can be downloaded directly from Apple's site or through the Software Update control panel.
Building A Mobile Business MindsetAmong 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.