
Extensive security update for Mac OS X

Opinion and Analysis

Apple's latest security update delivers a slew of patches for Mac OS X, including open source components.

The 2008-002 update brings the versions of Apache included with the regular and server versions of the operating system up to date. Apache 1.3.41 and 2.2.8 were released by the Apache Software Foundation two months ago.

Similarly, the ClamAV antivirus software that is part of Mac OS X Server is brought up to version 0.92.1, the latest stable release, which debuted in June 2007. Apple has been criticised in the past for failing to provide its customers with up-to-date versions of open source projects that are packed with its operating system.

CUPS, the Common Unix Printing System now owned and maintained by Apple, is updated to version 1.3.6, released in mid February. Addressed vulnerabilities could be used for denial of service attacks or the execution of arbitrary code with system privileges.

The version of PHP (Mac OS X Server only) is updated to 4.4.8, which was released in early January.

The update also includes patches for the curl, file and pax commands, Emacs, Kerberos, notifyd, OpenSSH and X11.

Software components developed by Apple that are affected by the security update include AFP (arbitrary code execution, authentication bypass), AppKit (remotely-triggered arbitrary code execution), CFNetwork (spoofing by malicious proxy servers), CoreFoundation (privilege escalation), CoreServices (misclassification of .ief files as 'safe'), Foundation (privilege escalation, arbitrary code execution), Help Viewer (arbitrary AppleScript execution), Image Raw (arbitrary code execution triggered by malicious DNG files), mDNSResponder (arbitrary code execution), Podcast Producer (password exposure), Preview (weak encryption of PDF files), Printing (disclosure of login credentials), System Configuration (arbitrary code execution with system privileges), UDF (malicious disk images may cause system shutdown), and Wiki Server (path traversal may allow arbitrary code execution).

That's quite a shopping list! Since exploits often quickly follow the disclosure of vulnerabilities (which is why it is so important for us that Apple keeps up with updates from external projects), it seems sensible to apply the update reasonably promptly.

The update is available for desktop and server versions of Mac OS X 10.4.11 and 10.5.2. It can be installed via Software Update or downloaded from Apple's web site.
