Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL
 |
 Stephen Withers turns his gaze on the world of Apple, with
detours into other aspects of IT and communications as they catch his
attention. |
Technology news and Jobs 
Our Blogs Core Dump Mac OS X 10.5.6 - this time it's real
Our Blogs Core Dump Mac OS X 10.5.6 - this time it's real | Mac OS X 10.5.6 - this time it's real |
|
| by Stephen Withers | |
| Tuesday, 16 December 2008 | |
|
Page 2 of 2 As for the security aspects of 10.5.6 and Security Update 2008-008 for Tiger, several of the issues concern improved error checking to avoid problems that could be caused by maliciously crafted files.Featured Whitepaper
5 Best Practices for Smartphone Support
There's also a cookie-related issue in Safari that could allow the disclosure of user credentials. Download validation (Leopard only) has been improved so that files with executable permissions and no specific application association are marked as potentially unsafe. Changes have been made to various system calls and APIs to avoid privilege escalation, denial of service attacks, and arbitrary code execution. Leopard Server's Podcast Producer has been changed to prevent remote attacks via its administrative functions. One unusual correction concerns Leopard's Managed Client feature. On systems that lack built-in Ethernet (and the only recent Mac that fits that description is the MacBook Air) certain screen saver settings are not correctly applied, including the lock. Mac OS X 10.5.6 Update and Security Update 2008-008 are available via Software Update or from Apple's Support Downloads page. File sizes range from 72M for the PowerPC version of Security Update 2008-008 to 883M for the 10.5.6 Server combo update. If your 10.5.5 system is otherwise up to date, Software Update may be able to fetch a smaller version of the 10.5.6 updater. |
Tags
| < Next story in category | Previous story in the category > |
|---|
