After weeks of '10.6.3 is imminent' stories, Apple has finally released the latest version of Mac OS X 10.6 Snow Leopard with a substantial list of improvements including more than 50 security fixes.

Mac OS X 10.6.3 delivers no new features, but that's what you'd expect from a second-point update especially in the post-Enron era of 'no extra functionality for free' accounting practices.

Mac OS X 10.6.3 does include reliability and/or compatibility issues for a number of subsystems, including QuickTime X, OpenGL, AirPort, printing, Bonjour, DNS, photo screen savers, and USB input.

It also provides fixes for a variety of specific issues affecting Mail, Aperture, iChat, iCal, MobileMe, Time Machine, Parental Controls, Directory Services, Mobile Accounts, copying to Windows file servers, Xsan, and glowing, stuck, or dark pixels in video from the iMac (Late 2009) built-in iSight camera.

One item on the 10.6.3 list that will be especially welcomed by users of some older software is that the issue that prevented files with the # or & characters in their names from opening in Rosetta applications has now been fixed.

Daylight Saving Time rules have been updated to reflect recent changes in areas including Argentina, Fiji, Pakistan, and Antarctica, and improvements have been made to the performance of Logic Pro 9 and Main Stage 2 in 64-bit mode.

A full list on non-security changes can be found here.

Please read on for the security changes delivered in 10.6.3 and in Security Update 2010-002 for Leopard.

Security fixes in 10.6.3 cover the AFP server (two issues),  Apache (updated to version 2.2.14; version 2.2.15 - with additional security fixes - was released earlier this month), CoreAudio (two issues), CoreMedia, CoreTypes, CUPS, curl, Desktop Services (two issues), Disk Images (two issues), Directory Services, Dovecot, Event Monitor, FreeRADIUS (server only), FTP Server (server only), iChat Server (server only; three issues), ImageIO (four issues), Image RAW, Libsystem, Mail (two issues), MySQL (server only; updated to version 5.0.88 - current version is 5.1.45), OS Services, Password Services (server only), PHP (updated to version 5.3.1; 5.3.2 - with additional security fixes - was released earlier this month), Podcast Producer, Preferences, PS Normalizer, QuickTime (nine issues), Ruby on Rails (updated to version 2.3.5), Server Admin, SMB, Tomcat (server only; updated to version 6.0.24; version 6.0.25 - with additional security fixes - was released earlier this month), Wiki Server, and X11 (two issues).

In parallel with Mac OS X 10.6.3, Security Update 2010-002 for Mac OS X 10.5.8 provides fixes for vulnerabilities in the spell checker, application firewall, AFP server, Apache, ClamAV, CoreTypes, CUPS, curl (two issues), Disk Images (two issues), Cyrus IMAP (server only), Cyrus SASL, Desktop Services (two issues), Directory Services, Event Monitor, FreeRADIUS (server only), FTP Server (server only), iChat Server (server only; four issues), ImageIO (four issues), Image RAW (two issues), Libsystem, Mail (two issues), Mailman (updated to version 2.1.13), OS Services, Password Services (server only), perl, PHP (updated to version 5.2.12, even though the PHP project team is encouraging all users of version 5.2.x to upgrade to 5.2.13), PS Normalizer, Ruby on Rails (updated to version 2.3.5), Server Admin (two issues), SMB, Tomcat (server only; updated to version 6.0.24; version 6.0.25 - with additional security fixes - was released earlier this month), unzip, vim (updated to version 7.2.102 - 7.2.411 is current), Wiki Server (two issues), X11 (two issues), and xar.

In both cases, a significant proportion of the vulnerabilities involve susceptibility to malformed files such as TIFF images or H.264 movies.

Both updates can most easily be applied by running the Software Update utility. Alternatively, they can be downloaded via Apple's Support Downloads page.

Some users will prefer to download the combo version of the Mac OS X 10.6.3  update, as this can be used on any 10.6.x installation. While combo updaters are sometime substantially larger than the corresponding regular (incremental) updaters, the 10.6.3 combo is only 10% larger. This indicates how wide-ranging the changes are in 10.6.3.



Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips



Ransomware attacks on businesses and institutions are now the most common type of malware breach, accounting for 39% of all IT security incidents, and they are still growing.

Criminal ransomware revenues are projected to reach $11.5B by 2019.

With a few simple policies and procedures, plus some cutting-edge endpoint countermeasures, you can effectively protect your business from the ransomware menace.


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.


Popular News




Sponsored News