Apple Mac OS X 10.5.4 Bolsters Performance, Security - InformationWeek
IoT
IoT
Infrastructure // PC & Servers
News
6/30/2008
06:34 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Apple Mac OS X 10.5.4 Bolsters Performance, Security

Nine of the 25 vulnerabilities addressed affect the Tomcat 4.1.36, which comes bundled with Mac OS X v10.4.11 systems.

Apple on Monday released Mac OS X 10.5.4, which addresses operating system and application performance issues and fixes 25 security vulnerabilities.

The update, available from Apple's Web site and through the Mac OS X Software Update control panel, resolves problems with saving and reopening Adobe Creative Suite 3 files on a remote server, adds RAW image support for several cameras, addresses a potential X11 installation issue, and improves L2TP VPN client reliability.

The update also improves the reliability of Apple's wireless AirPort hardware with 5-GHz networks and certain music applications. It improves iCal syncing and fixes several other iCal issues. It resolves potential Safari performance issues when loading secure Web pages and when accessing secure Web pages with client certificates that reside on a smart card.

In addition, the update fixes several Spaces and Expose bugs.

The security portion of the update affects the following operating system components: Alias Manager, CoreTypes, c++filt, Dock, Launch Services, Net-SNMP, Ruby, SMB File Server, System Configuration, Tomcat, VPN, and WebKit.

Nine of the 25 vulnerabilities addressed affect the Tomcat 4.1.36, which comes bundled with Mac OS X v10.4.11 systems. The fixed version of Tomcat is now 4.1.37. Mac OS X 10.5 comes with Tomcat version 6.x and thus it not affected.

Six of the 25 vulnerabilities affect the Ruby programming language. "Multiple memory corruption issues exist in Ruby's handling of strings and arrays, the most serious of which may lead to arbitrary code execution," Apple explains. "This update addresses the issue by performing additional validation of strings and arrays." One Ruby fix addresses a vulnerability related to the way Ruby's WEBrick toolkit handles capitalization.

The Alias Manager, Launch Services, and System Configuration issues are specific to Mac OS X v10.4.11 and Mac OS X Server v10.4.11. They do not affect Mac OS X 10.5.

The Dock fix closes a vulnerability that could have allowed a person with physical access to a Mac protected by a screen saver password or wake-from-sleep password to bypass the password screen if Expose hot corners happened to be active.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll