No. 1 Story
ACCC clears Optus to scrap HFC network and use NBN instead
The ACCC has cleared, provisionally, the proposed deal between Optus and NBN Co under which Optus is to be paid around $800m to shut down its HFC network and transfer customers onto the NBN. read moreMore From
Mac OS X 10.5.6 - this time it's real
Stephen Withers
Tuesday, 16 December 2008 00:28
Page 2 of 2
As for the security aspects of 10.5.6 and Security Update 2008-008 for Tiger, several of the issues concern improved error checking to avoid problems that could be caused by maliciously crafted files.There's also a cookie-related issue in Safari that could allow the disclosure of user credentials.
Download validation (Leopard only) has been improved so that files with executable permissions and no specific application association are marked as potentially unsafe.
Changes have been made to various system calls and APIs to avoid privilege escalation, denial of service attacks, and arbitrary code execution. Leopard Server's Podcast Producer has been changed to prevent remote attacks via its administrative functions.
One unusual correction concerns Leopard's Managed Client feature. On systems that lack built-in Ethernet (and the only recent Mac that fits that description is the MacBook Air) certain screen saver settings are not correctly applied, including the lock.
Mac OS X 10.5.6 Update and Security Update 2008-008 are available via Software Update or from Apple's Support Downloads page.
File sizes range from 72M for the PowerPC version of Security Update 2008-008 to 883M for the 10.5.6 Server combo update.
If your 10.5.5 system is otherwise up to date, Software Update may be able to fetch a smaller version of the 10.5.6 updater.
You think you have a disaster recovery plan?
Think again. Most businesses only have PART of a DR plan - and this spells business disaster in the event of an IT disaster.
Download The Seven Sins of Disaster Recovery White Paper now and find out how you can prevent this happening to you.
