
MacRumors
May 11, 2006, 04:08 PM

Security Update 2006-003 Now Available

Now in Software Update: Security Update 2006-003 is recommended for all users and improves the security of the following components.

AppKit
Bom
CFNetwork
CoreFoundation
CoreGraphics
curl
Finder
Flash Player Plug-in
ImageIO
LaunchServices
Mail
Preview
QuickDraw
Ruby
Safari
securityd

Further details can be found in the Apple Knowledge Base (http://docs.info.apple.com/article.html?artnum=303737).

Security Update 2006-002 (http://www.macrumors.com/pages/2006/03/20060313172627.shtml) was issued two months ago, in March.

paperinacup
May 11, 2006, 04:09 PM
was just wondering when one was coming out

gekko513
May 11, 2006, 04:14 PM
Holy crap!

Almost all the fixes are for critical security holes that could lead to arbitrary code execution.

Planting a trojan on a system running Mac OS X without this security update would be a piece of cake for an attacker with detailed knowledge of all these vulnerabilities. Mail reading, image viewing, Internet surfing or CD file browsing would all be unsafe activities.

Doctor Q
May 11, 2006, 04:17 PM
Detailed changes:

AppKit - Characters entered into a secure text field can be read by other applications in the same window session

Under certain circumstances when switching between text input fields, NSSecureTextField may fail to re-enable secure event input. This may allow other applications in the same window session to see some input characters and keyboard events. This update addresses the issue by ensuring secure event input is properly enabled. This issue does not affect systems prior to Mac OS X v10.4.

AppKit, ImageIO - Viewing a maliciously-crafted GIF or TIFF image may lead to arbitrary code execution

The handling of a malformed GIF or TIFF image may lead to arbitrary code execution when parsing a maliciously-crafted image. This affects applications that use the ImageIO (Mac OS X v10.4 Tiger) or AppKit (Mac OS X v10.3 Panther) framework to read images. This update addresses the issue by performing additional validation of GIF and TIFF images.

BOM - Expanding an archive may lead to arbitrary code execution

By carefully crafting an archive (such as a Zip archive) containing long path names, an attacker may be able to trigger a heap buffer overflow in BOM. This may result in arbitrary code execution. BOM is used to handle archives in Finder and other applications. This update addresses the issue by properly handling the boundary conditions.

BOM - Expanding a malicious archive may cause arbitrary files to be created or overwritten

An issue in the handling of directory traversal symbolic links encountered in archives may cause BOM to create or overwrite files in arbitrary locations accessible to the user expanding the archive. BOM handles archives on behalf of Finder and other applications. This update addresses the issue by ensuring that files expanded from an archive are not placed outside the destination directory.

CFNetwork - Visiting malicious web sites may lead to arbitrary code execution

An integer overflow in the handling of chunked transfer encoding could lead to arbitrary code execution. CFNetwork is used by Safari and other applications. This update addresses the issue by performing additional validation. The issue does not affect systems prior to Mac OS X v10.4.

ClamAV - Processing maliciously-crafted email messages with ClamAV may lead to arbitrary code execution

The ClamAV virus scanning software has been updated to incorporate security fixes in the latest release. ClamAV was introduced in Mac OS X Server v10.4 for email scanning. The most severe of these issues could lead to arbitrary code execution with the privileges of ClamAV. For more information, see the project web site at http://www.clamav.net.

CoreFoundation - Registration of an untrusted bundle may lead to arbitrary code execution

Under certain circumstances, bundles are implicitly registered by applications or the system. A feature of the bundle API allows dynamic libraries to load and execute when a bundle is registered, even if the client application does not explicitly request it. As a result, arbitrary code may be executed from an untrusted bundle without explicit user interaction. This update addresses the issue by only loading and executing libraries from the bundle at the appropriate time.

CoreFoundation - String conversions to file system representation may lead to arbitrary code execution

An integer underflow during the processing of a boundary condition in CFStringGetFileSystemRepresentation may lead to arbitrary code execution. Applications that use this API or one of the related APIs such as NSFileManager's getFileSystemRepresentation:maxLength:withPath: may trigger the issue and lead to arbitrary code execution. This update addresses the issue by properly handling the boundary conditions.

CoreGraphics - Characters entered into a secure text field can be read by other applications in the same window session

Quartz Event Services provides applications with the ability to observe and alter low-level user input events. Normally, applications cannot intercept events when secure event input is enabled. However, if "Enable access for assistive devices" is on, Quartz Event Services can be used to intercept events even when secure event input is enabled. This update addresses the issue by filtering events when secure event input is enabled. This issue does not affect systems prior to Mac OS X v10.4. Credit to Damien Bobillot for reporting this issue.

Finder - Launching an Internet Location item may lead to arbitrary code execution

Internet Location items are simple URL containers which may reference http://, ftp://, and file:// URLs, as well as a few other URL schemes. These different types of Internet Location items are visually distinct, and meant to be safe to explicitly launch. However, the scheme of the URL may be different than the Internet Location type. As a result, an attacker may be able to convince a user to launch a supposedly benign item (such as a Web Internet Location, http://), with the result that some other URL scheme is actually used. In certain circumstances, this may lead to arbitrary code execution. This update addresses the issues by restricting the URL scheme based on the Internet Location type.

FTPServer - FTP operations by authenticated FTP users may lead to arbitrary code execution

Multiple issues in FTP server path name handling could result in a buffer overflow. A malicious authenticated user may be able to trigger this overflow which may lead to arbitrary code execution with the privileges of the FTP server. This update addresses the issue by properly handling the boundary conditions.

Flash Player - Playing Flash content may lead to arbitrary code execution

Flash Player contains critical vulnerabilities that may lead to arbitrary code execution when specially-crafted files are loaded. Further information is available via the Macromedia web site at www.macromedia.com. This update addresses the issue by incorporating Flash Player version 8.0.24.0.

ImageIO - Viewing a maliciously-crafted JPEG image may lead to arbitrary code execution

An integer overflow in the processing of JPEG metadata may result in a heap buffer overflow. By carefully crafting an image with malformed JPEG metadata, an attacker may be able to cause arbitrary code execution when the image is viewed. This update addresses the issue by performing additional validation of images. This issue does not affect systems prior to Mac OS X v10.4. Credit to Brent Simmons of NewsGator Technologies, Inc. for reporting this issue.

Doctor Q
May 11, 2006, 04:17 PM
Detailed changes (continued):

Keychain - An application may be able to use Keychain items when the Keychain is locked

When a Keychain is locked, it is not possible for applications to access the Keychain items it contains without first requesting that the Keychain be unlocked. However, an application that has obtained a reference to a Keychain item prior to the Keychain being locked may, in certain circumstances, be able to continue using that Keychain item regardless of whether the Keychain is locked or unlocked. This update addresses the issue by rejecting requests to use Keychain items when the Keychain is locked. Credit to Tobias Hahn of HU Berlin for reporting this issue.

LaunchServices - Viewing a malicious web site may lead to arbitrary code execution

Long file name extensions may prevent Download Validation from correctly determining the application with which an item may be opened. As a result, an attacker may be able to bypass Download Validation and cause Safari to automatically open unsafe content if the "Open `safe' files after downloading" option is enabled and certain applications are not installed. This update addresses the issue through improved checking of the file name extension. This issue does not affect systems prior to Mac OS X v10.4.

libcurl - URL handling in libcurl may lead to arbitrary code execution

The open source HTTP library libcurl contains buffer overflows in URL handling. Applications using curl for URL handling may trigger the issue and lead to arbitrary code execution. This update addresses the issue by incorporating libcurl version 7.15.1. This issue does not affect systems prior to Mac OS X v10.4.

Mail - Viewing a malicious mail message may lead to arbitrary code execution

By preparing a specially-crafted email message with MacMIME encapsulated attachments, an attacker may trigger an integer overflow. This may lead to arbitrary code execution with the privileges of the user running Mail. This issue corrects the issue by performing additional validation of messages.

Mail - Viewing a malicious mail message may lead to arbitrary code execution

The handling of invalid color information in enriched text email messages could cause the allocation and initialization of arbitrary classes. This may lead to arbitrary code execution with the privileges of the user running Mail. This update addresses the issue by properly handling malformed enriched text data.

MySQL Manager - MySQL database may be accessed with an empty password

During the initial setup of a MySQL database server using MySQL Manager, the "New MySQL root password" may be supplied. However, this password is not actually used. As a result, the MySQL root password will remain empty. A local user may then obtain access to the MySQL database with full privileges. This update addresses the issue by ensuring that the entered password is saved. This issue does not affect systems prior to Mac OS X Server v10.4. Credit to Ben Low of the University of New South Wales for reporting this issue.

Preview - Navigating a maliciously-crafted directory hierarchy may lead to arbitrary code execution

When navigating very deep directory hierarchies in Preview, a stack buffer overflow may be triggered. By carefully crafting such a directory hierarchy, it may be possible for an attacker to cause arbitrary code execution if the directories are opened in Preview. This issue does not affect systems prior to Mac OS X v10.4.

QuickDraw - Viewing a maliciously-crafted PICT image may lead to arbitrary code execution

Two issues affect QuickDraw when processing PICT images. Malformed font information may cause a stack buffer overflow, and malformed image data may cause a heap buffer overflow. By carefully crafting a malicious PICT image, an attacker may be able to cause arbitrary code execution when the image is viewed. This update addresses the issue by performing additional validation of PICT images. Credit to Mike Price of McAfee AVERT Labs for reporting this issue.

QuickTime Streaming Server - A malformed QuickTime movie can cause QuickTime Streaming Server to crash

A QuickTime movie that has a missing track may cause a null pointer dereference, causing the server process to crash. This causes active client connections to be interrupted. However, the server is restarted automatically. This update addresses the issue by producing an error when malformed movies are encountered.

QuickTime Streaming Server - Maliciously-crafted RTSP requests may lead to crashes or arbitrary code execution

By carefully crafting an RTSP request, an attacker may be able to trigger a buffer overflow during message logging. This may lead to arbitrary code execution with the privileges of the QuickTime Streaming Server. This update addresses the issue by properly handling the boundary conditions. Credit to the Mu Security research team for reporting this issue.

Ruby - Ruby safe level restrictions may be bypassed

The Ruby scripting language contains a mechanism called "safe levels" that is used to restrict certain operations. This mechanism is most commonly used when running privileged Ruby applications or Ruby network applications. In certain circumstances, an attacker may be able to bypass the restrictions in such applications. Applications that do not rely on safe levels are unaffected. This update addresses the issue by ensuring that safe levels cannot be bypassed.

Safari - Visiting malicious web sites may lead to file manipulation or arbitrary code execution

When Safari's "Open `safe' files after downloading" option is enabled, archives will be automatically expanded. If the archive contains a symbolic link, the target symlink may be moved to the user's desktop and launched. This update addresses the issue by not resolving downloaded symbolic links. This issue does not affect systems prior to Mac OS X v10.4.
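
The BOM directory-traversal item and the Safari symlink item above both describe archive members that end up outside the directory being expanded into. As an added example (not part of the original posts and not Apple's code), this Python extractor applies the two stated fixes to a Zip archive: it keeps every expanded file inside the destination and does not follow symbolic links. The function names and the sample archive are constructed for illustration.

```python
import io
import os
import stat
import tempfile
import zipfile


def _parts(name):
    # Treat backslashes as separators so "..\\x" cannot slip past the checks.
    return name.replace("\\", "/").split("/")


def _is_symlink(info):
    # Unix file-type bits are stored in the high 16 bits of external_attr.
    return stat.S_ISLNK(info.external_attr >> 16)


def check_entry(info, dest_root, link_names):
    """Return None if the member may be expanded under dest_root, else a reason."""
    if _is_symlink(info):
        return "symbolic link entry"
    parts = _parts(info.filename)
    if parts[0] == "":
        return "absolute path"
    if ".." in parts:
        return "parent-directory component"
    # A member whose path runs through a symlink stored in the same archive
    # would be written wherever that link points.
    for depth in range(1, len(parts)):
        if "/".join(parts[:depth]) in link_names:
            return "path passes through archived symlink"
    # Last check: resolve links already on disk and confirm containment.
    target = os.path.realpath(os.path.join(dest_root, *parts))
    if os.path.commonpath([dest_root, target]) != dest_root:
        return "resolves outside destination"
    return None


def safe_extract(zf, dest):
    """Expand only the members that stay inside dest; report the rest."""
    dest_root = os.path.realpath(dest)
    link_names = {i.filename.rstrip("/") for i in zf.infolist() if _is_symlink(i)}
    extracted, rejected = [], {}
    for info in zf.infolist():
        reason = check_entry(info, dest_root, link_names)
        if reason:
            rejected[info.filename] = reason
            continue
        target = os.path.join(dest_root, *_parts(info.filename))
        if info.is_dir():
            os.makedirs(target, exist_ok=True)
            continue
        os.makedirs(os.path.dirname(target), exist_ok=True)
        with zf.open(info) as src, open(target, "wb") as out:
            out.write(src.read())
        extracted.append(info.filename)
    return extracted, rejected


def build_sample_archive():
    """Constructed sample: one benign file plus four hostile members."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "hello")
        zf.writestr("../escape.txt", "x")
        zf.writestr("/tmp/absolute.txt", "x")
        link = zipfile.ZipInfo("shortcut")
        link.create_system = 3  # Unix, so the mode bits below are honoured
        link.external_attr = (stat.S_IFLNK | 0o777) << 16
        zf.writestr(link, "/etc")  # a Zip symlink stores its target as the body
        zf.writestr("shortcut/passwd", "x")
    return buf.getvalue()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as dest:
        with zipfile.ZipFile(io.BytesIO(build_sample_archive())) as zf:
            extracted, rejected = safe_extract(zf, dest)
    print("extracted:", extracted)
    for name, reason in rejected.items():
        print("rejected:", name, "->", reason)
```
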

Mac Fly (film)
May 11, 2006, 04:20 PM
If someone rates this article as a negative, I'll kick them :D

nagromme
May 11, 2006, 04:21 PM
I'm glad they're fixing these "potentials" before they become "actuals," but mostly I'm just dying to know. What is BOM?

I know it's something to do with extracting zips, but why the name BOM?

TIA for what will probably be some Unix trivia :)

PS, it's cool that the latest Flash Player is bundled right into the Apple update.

Atlasland
May 11, 2006, 04:23 PM
The security updates seem to have been getting a bit more frequent of late.

Mac Fly (film)
May 11, 2006, 04:24 PM
"I'm just dying to know. What is BOM?" It contains gun powder and has a short fuse attached ;)

longofest
May 11, 2006, 04:25 PM
Holy crap!

Almost all the fixes are for critical security holes that could lead to arbitrary code execution.

Planting a trojan on a system running Mac OS X without this security update would be a piece of cake for an attacker with detailed knowledge of all these vulnerabilities. Mail reading, image viewing, Internet surfing or CD file browsing would all be unsafe activities.

This is the way it is with almost all OSX Security updates. No one pays attention because the vulnerabilities are rarely exploited, but it goes to show that our OS is not quite as safe as some may think...

At least Apple's finally patching these vulnerabilities. I haven't taken in-depth looks, but I'm guessing we're finally seeing patches for the vulnerabilities that were initially found in January (http://www.macrumors.com/pages/2006/04/20060427020719.shtml).

daveyjokes
May 11, 2006, 04:26 PM
I wonder if this is a response to the ads they put up earlier, just to make extra-sure :p

EricNau
May 11, 2006, 04:28 PM
If someone rates this article as a negative, I'll kick them :D
Must... resist... urge... to... click... negative!!! :p

nagromme
May 11, 2006, 04:33 PM
Always remember:

1. No OS is ever perfect.

2. Therefore Mac OS X is not perfect.

3. Therefore Mac OS X is just as bad as Windows.

4. Therefore Windows is better than Mac OS X.

QED :)

Thought I'd save some time and sum that all up for anyone who needs it :)

~Shard~
May 11, 2006, 04:34 PM
The security updates seem to have been getting a bit more frequent of late.

Nothing wrong with that. Apple is on the ball and is being proactive in many cases - that's a good thing. :cool:

Plus, this is the third security update of 2006 for Apple. How many patches, etc. has MS released for Windows so far? :p ;)

ipacmm
May 11, 2006, 04:38 PM
Wow, a lot of updates released today.

bluebomberman
May 11, 2006, 04:42 PM
"I'm just dying to know. What is BOM?" It contains gun powder and has a short fuse attached ;)

I think it's the bizarre name to Mac OS X's ZIP file engine (opening/archiving). Someone else might know more. (Maybe it's a UNIX program?)

kainjow
May 11, 2006, 04:49 PM
What is BOM?

I know it's something to do with extracting zips, but why the name BOM?

TIA for what will probably be some Unix trivia :)
Ever heard of Google? ;)

From http://en.wikipedia.org/wiki/BOMArchiveHelper
BOM stands for "Bill of Materials"

adrianm
May 11, 2006, 04:50 PM
I'm glad they're fixing these "potentials" before they become "actuals," but mostly I'm just dying to know. What is BOM?

I know it's something to do with extracting zips, but why the name BOM?

TIA for what will probably be some Unix trivia :)

PS, it's cool that the latest Flash Player is bundled right into the Apple update.
see man bom

theorem7
May 11, 2006, 04:51 PM
I'm glad they're fixing these "potentials" before they become "actuals," but mostly I'm just dying to know. What is BOM?

I know it's something to do with extracting zips, but why the name BOM?


I believe BOM is an acronym for Byte Order Mark and the name for a character code placed at the beginning of a data stream. It is used to identify certain things about the data stream, mainly which Unicode type the file uses (UTF-8, UTF-16, or UTF-32). Here's the wikipedia article if you are interested: http://en.wikipedia.org/wiki/Byte_Order_Mark

thomasp
May 11, 2006, 04:52 PM
Hmmm - must only be for 10.4.6 users - I'm still running OSX 10.4.5 and the update doesn't exist :(

plinden
May 11, 2006, 04:53 PM
I believe BOM is an acronym for Byte Order Mark and the name for a character code placed at the beginning of a data stream. It is used to identify certain things about the data stream, mainly which Unicode type the file uses (UTF-8, UTF-16, or UTF-32). Here's the wikipedia article if you are interested: http://en.wikipedia.org/wiki/Byte_Order_Mark
That may be true, but "Bill of Materials" is the correct answer in this particular case.

Most software I've been involved with has shipped with what we called a BOM (bill of materials) in a format depending on what we were shipping, most simply a list of components..

nagromme
May 11, 2006, 05:01 PM
Now I know! Even better trivia than I was hoping for :)

As you were...

Hmmm - must only be for 10.4.6 users - I'm still running OSX 10.4.5 and the update doesn't exist :(
I haven't yet gone to 10.4.6 and I don't see it either. Time to update!

j_maddison
May 11, 2006, 05:12 PM
Always remember:

1. No OS is ever perfect.

2. Therefore Mac OS X is not perfect.

3. Therefore Mac OS X is just as bad as Windows.

4. Therefore Windows is better than Mac OS X.

QED :)

Thought I'd save some time and sum that all up for anyone who needs it :)

Chuckles to himself :D I like your humour!

For me what makes Apple more secure is that they're very proactive in patching any security vulnerabilities before they get out into the wild and become a problem. For this reason I love downloading security updates; it lets me know Apple are dedicated to keeping their OS as secure as possible.

jay

theorem7
May 11, 2006, 05:13 PM
That may be true, but "Bill of Materials" is the correct answer in this particular case.

Most software I've been involved with has shipped with what we called a BOM (bill of materials) in a format depending on what we were shipping, most simply a list of components..


Oh, ok, thanks! I was out of my league on that one, I was just trying to be helpful and tried looking it up on my own. Looks like I picked the wrong BOM! Thanks for correcting me!

Doctor Q
May 11, 2006, 05:15 PM

Update to news story

See these pages for manual downloads:

Mac OS X 10.4 (PPC) (http://www.apple.com/support/downloads/securityupdate2006003macosx1046clientppc.html)

Mac OS X 10.4 (Intel) (http://www.apple.com/support/downloads/securityupdate2006003macosx1046clientintel.html)

Mac OS X 10.3 (http://www.apple.com/support/downloads/securityupdate20060031039client.html)

Queso
May 11, 2006, 05:20 PM
Looks to me like most of these "arbitrary code execution" things are the same security problem, but Apple have had to fix several apps and services as they all use the vulnerable routines. Quicktime, Quickdraw, Safari, Preview, even Finder and CoreGraphics are closely linked to each other. It could also be that whilst investigating some of these holes, Apple have come across others and are patching ahead of the game.

Great to see anyway. I just hope the feedback in a couple of days shows that these holes are now fully plugged.

truz
May 11, 2006, 05:26 PM
I was in the middle of work when I got a popup asking me to download security updates. I clicked ok and shortly after it said I need to restart or shutdown. I saved my stuff and hit restart. Now my imac intel won't boot. I am stuck at the Starting Mac OS X.... boot screen. Blue loading bar never completes and locks up or completes and locks up. I can't boot safemode or from macos install cd.

Queso
May 11, 2006, 05:32 PM
Wondering what you mean by safemode, but.....

....not sure if this works on the Intel Macs, but worth a try. Boot into single-user mode (hold down s at startup) and run fsck -y

HiroProtagonist
May 11, 2006, 05:34 PM
I was in the middle of work when I got a popup asking me to download security updates. I clicked ok and shortly after it said I need to restart or shutdown. I saved my stuff and hit restart. Now my imac intel won't boot. I am stuck at the Starting Mac OS X.... boot screen. Blue loading bar never completes and locks up or completes and locks up. I can't boot safemode or from macos install cd.


iMac here at work is doing the same thing. WTF?

Doctor Q
May 11, 2006, 05:35 PM
For a discussion and a poll about the frequency of Security Updates, see the How often should Security Updates be issued? thread.

HiroProtagonist
May 11, 2006, 05:42 PM
Wondering what you mean by safemode, but.....

....not sure if this works on the Intel Macs, but worth a try. Boot into single-user mode (hold down s at startup) and run fsck -y


No luck, anyone got any other ideas :confused:

Stridder44
May 11, 2006, 05:44 PM
Queue the "my system feels snappier" comments in 3, 2, 1.....



On that note, my system feels snappier

Queso
May 11, 2006, 05:46 PM
No luck, anyone got any other ideas :confused:

How are you trying to boot from the CD/DVD? Are you remembering that you now hold down D rather than C?

miketcool
May 11, 2006, 05:52 PM
My MacBook tanked after installing these three updates. I am on my G4 tower. Something is awry, Finder fails to launch.

I went through single user mode, dumped some cache, started in safe mode. It worked in safe, but didn't work again in normal mode! So the fun begins...

HiroProtagonist
May 11, 2006, 06:00 PM
How are you trying to boot from the CD/DVD? Are you remembering that you now hold down D rather than C?


D is the Hardware Test (No Luck), C successfully boots off CD/DVD, running tests.....


No Luck - Looks like thread started at apple support:

http://discussions.apple.com/thread.jspa?threadID=477248&tstart=0

Should probably update news report to help other intel users to wait on update so they don't get this problem

Queso
May 11, 2006, 06:08 PM
D is the Hardware Test (No Luck), C successfully boots off CD/DVD, running tests.....

Ah sorry. These Intel Macs get me confused :confused: Not sure what's different and what's the same.

Analog Kid
May 11, 2006, 06:27 PM
Wow-- looks like Apple did a major code audit! Some of these had been published, some were for open source code, and some look like they came out of Apple themselves.

truz
May 11, 2006, 06:31 PM
I'm on the phone with apple support. I got into safeboot (hold shift after music until safeboot screen loads, can take 10 minutes). I repaired disks and disk permissions. I was also told to delete cache.

Anywho.. after booting into safeboot a few times and restarting the computer (as well as unplugging the power cord) I am now in the process of formatting my computer from the cd's. Was the only way they would support the issue.

1-800-275-2273 <- apple support. Make sure you have your serial number handy and a backup ;) POS

vohdoun
May 11, 2006, 06:55 PM
I was in the middle of work when I got a popup asking me to download security updates.

Bet you wish you were still doing the work rather than formatting and setting everything up again.

truz
May 11, 2006, 06:57 PM
Bet you wish you were still doing the work rather than formatting and setting everything up again.

I wish I could decapitate whoever released them patches...


I keep copies of my emails on my servers, so keeping my email up and running is never an issue. I also keep any work done on my computer and external hard drive so I had everything saved but a few cd's I picked up on torrentspy today ;) but, when I got in safeboot I saved them and copied my mail folder so I don't have to reset everything up or sort through old emails I have already deleted which are still being stored on my server.

HiroProtagonist
May 11, 2006, 07:02 PM
boot into safe mode by holding down the shift key

go to system preferences/ accounts/ login items

clear all items

open finder from dock / Macintosh HD/ library/ startupitems
move all items to trash and empty

then restart

##########################
Confirmed!!!!!! WORKS!!!!
########################

truz
May 11, 2006, 07:07 PM
I think it had something to do with them patches apple released. I could not get the boot screen to even load where it said "Starting MacOS X..." I just got the gray box with apple logo and Mac OS X that's all.. Few times after I shut my system down 5x times it loaded fully and would not let me click on anything as if my mouse were dead but I have 2 plugged in so I knew that was not the issue.

I was told to trash a few things from the appletech and it still had issues. Anyways.. reload is almost completed. If I have this issue again I'm going to record myself blowing this imac up.



##########################
Confirmed!!!!!! WORKS!!!!
########################
**
edit: wish I knew that ;)
**

phd
May 11, 2006, 07:17 PM
iMac here at work is doing the same thing. WTF?


My Intel Imac is frozen at startup as well....:confused:

Time for a clean install...:eek:

HiroProtagonist
May 11, 2006, 07:23 PM
Solution posted ;)

truz
May 11, 2006, 07:41 PM
I would install these updates again... but, I'm going to hold off and make sure all is well. ;) I'm not reloading again and again.....

phd
May 11, 2006, 07:42 PM
Solution posted ;)


Doh!

I should have waited a few more minutes... Doing an archive and install now...:(

pgwalsh
May 11, 2006, 07:59 PM
I know this isn't supposed to affect performance in any way, but my 15" PB GUI feels faster. The computer seemed to boot up in less time as well. Could be in my head, but those were my initial thoughts.

Tech
May 11, 2006, 08:46 PM
Confirmed!!!!!! WORKS!!!!


Thanks so much for posting that solution. I thought my iMac was hosed. Working fine now. :)

Platform
May 11, 2006, 10:03 PM
Good to see Apple keeping up with time....;)

There was a lot of updates today...started up and got 5 RSS articles from MR...3 updates :D

idea_hamster
May 11, 2006, 10:15 PM
Clearly, with all the talk about how this update
deals with critical security flaws and how it
may conflict with start-up items,
we have lost touch with the true effect of updates
and the most important issue that this kind of release raises:

Uptime. :D

plinden
May 11, 2006, 10:18 PM
So, anyone with an Intel iMac for whom this update didn't screw up everything?

I think it's time to make a major backup before installing.

Todd H
May 11, 2006, 10:29 PM
So, anyone with an Intel iMac for whom this update didn't screw up everything?

I think it's time to make a major backup before installing.

Worked fine for me. I installed the Front Row, Quicktime, and Security updates, restarted, and booted up with no problems. I'm running a 20" Intel iMac.

IanF0729
May 11, 2006, 10:55 PM
Worked fine for me. I installed the Front Row, Quicktime, and Security updates, restarted, and booted up with no problems. I'm running a 20" Intel iMac.

Same here.

In fact, Front Row is now a speed demon for me. I repaired permissions before and after the update.

From what I've read, it's the MBPs that are having the issues, as per usual.

GoCubsGo
May 11, 2006, 11:14 PM
I never went to 10.4.6 because there seemed to be so many issues. I am glad this is finally out...now I'll update!

mfacey
May 11, 2006, 11:59 PM
I know this isn't supposed to affect performance in any way, but my 15" PB GUI feels faster. The computer seemed to boot up in less time as well. Could be in my head, but those were my initial thoughts.


Everybody that thinks that these security updates are making their OS faster need to think again. Let me explain. As you install an update, you have to reboot your system. We mac users rarely do this so your swap files get bloated, thereby diminishing performance. Once you reboot all this is cleared and your system should be noticeably faster!

So you could do this everyday if you want. The trick is rebooting, not installing security updates! :rolleyes:

phd
May 12, 2006, 12:12 AM
I heard the cause could be related to Adobe Version Cue in login items with the Intel Macs?

Multimedia
May 12, 2006, 03:24 AM
Hmmm - must only be for 10.4.6 users - I'm still running OSX 10.4.5 and the update doesn't exist :(
And why are you not running 10.4.6? :confused: :eek:

lonepilgrim
May 12, 2006, 03:39 AM
So, anyone with an Intel iMac for whom this update didn't screw up everything?

I think it's time to make a major backup before installing.
Worked fine for me - great to be finally able to get to movie trailers through Front Row. As one post above suggests, perhaps it depends what you have in your login items.

encro
May 12, 2006, 04:08 AM
I'm glad they're fixing these "potentials" before they become "actuals," but mostly I'm just dying to know. What is BOM?

I know it's something to do with extracting zips, but why the name BOM?

TIA for what will probably be some Unix trivia :)

PS, it's cool that the latest Flash Player is bundled right into the Apple update.

BOM is Bill of Materials

You can use lsbom to extract the output of a BOM file included in a package (pkg) and view the actual installed contents.

encro
May 12, 2006, 04:13 AM
What is particularly impressive is not only the amount of fixes implemented but also the level of depth in the kb article to give an idea of the process used to resolve the issue. The 2006-003 kb article is the most detailed one so far, these issues are nearly all related to OS X components and a few smaller fixes for newer opensource developments. Hopefully this is the start of much better security updates in the future. Top work! :)

GekkePrutser
May 12, 2006, 05:59 AM
I was just reading through this thread and though I saw lots of problems affecting the Intel Macs, I didn't see any references to the PPC ones yet, either way.

Is there anyone here who's tried it yet? I'm a bit weary now after all these bad things happening to the Intel systems.

By the way, I think it's ridiculous of Apple to only want to support these problems after a fresh re-install. I mean, THEY created the problem in the first place. They should find a more intelligent way of solving it. Especially when it affects so many people in the same way :mad:

I'm glad I didn't get AppleCare, I can do without this kind of support. I can come up with the 'Fresh Install' idea myself, thank you very much :) Only the hardware warranty extension would be cool though..

Leoff
May 12, 2006, 06:19 AM
Always remember:

1. No OS is ever perfect.

2. Therefore Mac OS X is not perfect.

3. Therefore Mac OS X is just as bad as Windows.

4. Therefore Windows is better than Mac OS X.

QED :)

Thought I'd save some time and sum that all up for anyone who needs it :)

Horrible logic, and I'm not saying that as a Mac OS X defender.

1. No Operating System is ever perfect.
2. Mac X and Windows are Operating Systems
3. Mac X and Windows are not perfect.

3a. Viruses attack and exploit security in OS's.
3b. There are more Viruses for the Windows OS.
3c. There are more security issues in Windows.

miketcool
May 12, 2006, 07:38 AM
Well, I am back here at work on the ol' G4 trying to see what else I can do to fix my MBP 2.Ghz. Here's what I have done so far:

1: Single-User Mode deleted my bootcache and user-added fonts.

2: Install Disk Permissions Fix, verified my hardware is ok.

3: Safe-mode dumped third-party widgets, startup items, and desktop files.

4: Reinstalled updates

5: Reinstalled 10.4.6

Even after all that, I still hang in the startup. It's never consistent, it's either the grey screen, or the blue screen with the mouse, or the start up status bar that never fills or my desktop with only a spinning wheel and spotlight the only thing to show up.

In the words of Cartman: "Hey guys, I'm seriously getin' pissssed off in mhah!"
http://web.nwe.ufl.edu/~ltaylor/teaching/f02/dmartine/cartman.gif

mainstreetmark
May 12, 2006, 07:40 AM
Horrible logic, and I'm not saying that as a Mac OS X defender.


Horrible sense of humor, I'd say...

anaknipedro
May 12, 2006, 09:16 AM
Sounds like Leopard is almost ready.

miketcool
May 12, 2006, 09:19 AM
In the words of Cartman: "Hey guys, I'm seriously getin' pissssed off in mhah!"

Hey, here's the solution, enjoy!! :cool:

http://discussions.apple.com/thread.jspa?messageID=2312301#2312301

dr_lha
May 12, 2006, 09:34 AM
Clearly, with all the talk about how this update
deals with critical security flaws and how it
may conflict with start-up items,
we have lost touch with the true effect of updates
and the most important issue that this kind of release raises:

Uptime. :D
Sir, you have an obsession with the weather.

Multimedia
May 12, 2006, 10:29 AM
I was just reading through this thread and though I saw lots of problems affecting the Intel Macs, I didn't see any references to the PPC ones yet, either way.

Is there anyone here who's tried it yet? I'm a bit wary now after all these bad things happening to the Intel systems.

By the way, I think it's ridiculous of Apple to only want to support these problems after a fresh re-install. I mean, THEY created the problem in the first place. They should find a more intelligent way of solving it. Especially when it affects so many people in the same way :mad:

I'm glad I didn't get AppleCare, I can do without this kind of support. I can come up with the 'Fresh Install' idea myself, thank you very much :) Only the hardware warranty extension would be cool though..
Can't tell any problems.

mrkr
May 12, 2006, 10:29 AM
Yeah, my intel imac won't boot after this update. just hangs on the blue screen. Finally just re-installed the whole OS (archive and install) rather than troubleshoot. After that the update ran fine though so in the end it was probably one of the simpler solutions.

good luck, but I would say hold off if you have an intel mac

dr_lha
May 12, 2006, 10:38 AM
Yeah, my intel imac won't boot after this update. just hangs on the blue screen. Finally just re-installed the whole OS (archive and install) rather than troubleshoot. After that the update ran fine though so in the end it was probably one of the simpler solutions.

good luck, but I would say hold off if you have an intel mac
Did you have Adobe CS2 installed? It seems like this is linked to having a non-booting iMac.

PDubNYC
May 12, 2006, 10:45 AM
Now I know! Even better trivia than I was hoping for :)

As you were...


I haven't yet gone to 10.4.6 and I don't see it either. Time to update!


If you access a non-Apple server, particularly a Xinet volume, I advise strongly against upgrading to 10.4.6. It is a very problematic upgrade, and I am really hoping that 10.4.7 comes out soon and addresses these known issues with file permissions going wonky.

ejl10
May 12, 2006, 10:49 AM
No problems with my 20" iMac G5 Rev B... yet.

morespce54
May 12, 2006, 10:58 AM
iMac here at work is doing the same thing. WTF?

:mad:
okay, I already had a few fizzles with my Internet connection (FTPs and Emails), so I might wait a little bit... :rolleyes:
Keep us posted please !!!

plinden
May 12, 2006, 11:48 AM
Did you have Adobe CS2 installed? It seems like this is linked to having a non-booting iMac.
It seems to be more linked to having PPC applications in startup items. I've read on other forums that Microsoft database daemon also caused problems.

Does anyone have Palm Desktop and/or MS Office installed on their Intel Macs? Can you report on how the update went?

TheLost
May 12, 2006, 12:26 PM
I had to reboot my powerbook 3 or 4 times to get airport working (it wasn't updating the keychain), but other than that it seems ok...

cnakeitaro
May 12, 2006, 12:29 PM
Yeah this update hosed my Intel iMac install as well. After a long phone call with Applecare, after exhausting all other options, they just told me to reinstall with the Archive option. But I am also running the Adobe Update Cue so as someone pointed out it could be something with that. But, I was able to boot in safe mode and removed that app from my startup items. So I don't know how it would have an effect.

morespce54
May 12, 2006, 01:13 PM
It seems to be more linked to having PPC applications in startup items. I've read on other forums that Microsoft database daemon also caused problems.

Does anyone have Palm Desktop and/or MS Office installed on their Intel Macs? Can you report on how the update went?

good point because it seems that Virex could also be problematic...

mrkr
May 12, 2006, 01:27 PM
Did you have Adobe CS2 installed? It seems like this is linked to having a non-booting iMac.

I did have cs2 running and I think you are right. Even after a reinstall I'm having problems getting cs2 products to deinstall/reinstall and run.

jayb2000
May 12, 2006, 01:40 PM
on a G3 iMac running 10.3.9

Sorry to all the folks having problems, that sucks.:(

Bengt77
May 12, 2006, 01:53 PM
Sir, you have an obsession with the weather.
Hahaha! Yeah, I thought that too, when seeing that screenshot. And what about having two weather widgets per city open, one with C and one with F? Why even care about Fahrenheit? That's sooooooo 1990's! SI all the way...

Bengt77
May 12, 2006, 01:54 PM
May I point to this Secunia page (http://secunia.com/product/96/), where it's clearly stated that Mac OS X, as of this morning, has a grand total of 0 (zero) unpatched security flaws? Darn, that's pretty good, I'd say...

:eek:

coop
May 12, 2006, 02:19 PM
I just wanted to let you know that I just updated the following computers without any problems:

(2) 20" Intel iMac with Adobe CS2 and Version Cue
(1) 20" Intel iMac
(1) 17" iMac G5
(2) Power Mac G4 towers

I had read in the past that you should make sure that you use disk utility to verify your disk permissions before an install, so all my computers did not have any disk permission errors. I also made sure all of my programs were shut down before I restarted. Not sure if any of this helps, but it gives me peace of mind.

dr_lha
May 12, 2006, 02:22 PM
I just wanted to let you know that I just updated the following computers without any problems:

(2) 20" Intel iMac with Adobe CS2 and Version Cue
(1) 20" Intel iMac
(1) 17" iMac G5
(2) Power Mac G4 towers

I had read in the past that you should make sure that you use disk utility to verify your disk permissions before an install, so all my computers did not have any disk permission errors. I also made sure all of my programs were shut down before I restarted. Not sure if any of this helps, but it gives me peace of mind.
Yeah, I can report similar success with a 1.8Ghz DP G5 PowerMac and a Core Solo mini.

idea_hamster
May 12, 2006, 08:48 PM
Sir, you have an obsession with the weather.
Ha! Guilty as charged -- those are the (major) cities where I have relatives.

And I keep the temperatures up in both degrees F and C in an attempt to be more "international."

*****

FWIW, I wonder just what it was about the Adobe library items that caused such a problem -- I find it hard to believe that no one at Cupertino had CS2 on their test machine...:confused:

coop
May 12, 2006, 11:45 PM
I wrote earlier that I had a successful install on my iMacs with CS2. I was working late as I am going out of town and just had my finder freeze while I was working. I could not restart my iMac. Read Xax's safe boot description and was able to get my Mac to work. I removed Version cue and the automatic log-in items from the other iMac before it had problems. For some reason the other computer restarted fine as did mine, and I was able to work on it for most of the day.

plinden
May 13, 2006, 01:02 AM
Installed all three updates on my Core Duo iMac ... no problems. But then I had read up about the PPC app problems and made sure I had none in my startup items.

truz
May 13, 2006, 02:59 AM
anyone else have 4 smaller updates today? I had 4 updates today for some reason.

zac4mac
May 13, 2006, 08:58 AM
Thanks everybody for the input, waited a while and finally decided to run the updates on my MBP. No CS 2, just PS7.1, restarted fine. Not running update yet on G5, as a restart would mess up my game that I've had open for the last 3 days - Diablo II LOD, Hell level. Been playing this game for several years now, really getting my money's worth...

FFTT
May 13, 2006, 09:18 AM
I can't take advantage of this security update until I update to 10.4.6

I just checked on Digidesign's compatibility page and it seems that
10.4.6 has now been approved for PT M-Powered 7.1

I'm still worried about all my plugins and my old version of Cubase 1.0.6

I better hold off until I hear more feedback.

greenry
May 13, 2006, 12:13 PM
The update installed fine for my Intel iMac, however after restarting, opening Safari causes the hard drive to just chug. I checked the activity monitor and disk writing is at 100% and in doing so cripples everything else on my computer. Quitting Safari causes the disk writing to stop but it's rather a bummer because I love using Safari. Anyone have any options?

disconap
May 14, 2006, 07:05 AM
Well, I can give the first DEFINITE report of it crashing a PPC (10.3.9 update). I installed it on my Sawtooth and it is no longer running. I have it back to stock (I had to, as the graphics card and processor aren't supported by my install disc, which I used to check the hd). I'm now trying the safe mode method, will report if the thing even boots.

Just what I wanted to be doing at 5am on a Sunday morning.

mdavey
May 14, 2006, 07:18 AM
Well, I can give the first DEFINITE report of it crashing a PPC (10.3.9 update).

Sorry to hear that. Is it the same symptoms as this thread: http://forums.macrumors.com/showthread.php?t=200379&highlight=2006-003?

disconap
May 14, 2006, 08:01 AM
No, actually. I got those symptoms on my ibook (I was daring/stupid and just did the install on that), but the method cited earlier in the thread sorted that out. With the Sawtooth, it will boot to the apple and spinner, but not do anything. Safe boot isn't working either. Grrr.

I also have CS2 installed, someone mentioned that earlier in this thread. Is there a fix that anyone's found for this, or am I in re-install-OS-land?

cherfizzle
May 14, 2006, 03:19 PM
Wow, looks like this update was more critical than the others!
never really cared so much for security updates, but this one is a need

disconap
May 15, 2006, 04:08 AM
Well, I did an archive install on my Sawtooth and then ran all updates, and everything worked fine. The combined updates seem to be more stable than the individual ones. So my advice is to back-up and give it a shot, just have the install discs nearby so if you have to reinstall, you can.

Butthead
May 15, 2006, 01:40 PM
May I point to this Secunia page (http://secunia.com/product/96/), where it's clearly stated that Mac OS X, as of this morning, has a grand total of 0 (zero) unpatched security flaws? Darn, that's pretty good, I'd say...

:eek:

Sucks that everyone is having problems with this update, that it renders systems useless until they do an archive install. But then the older OSX updates, had similar problems. It was, and apparently still is the case that the Combo updates tend to be the most problem free installs. PITA time consumer, to have to go back to your install disk, then dl/apply/install latest combo updaters.

However, don't rely on Secunia for all of your info.

Today's MacNN has an article about the person who found many of these vulnerabilities and how some are 'critical' that have NOT been fixed with this most recent security patch update :(

http://www.macnn.com/articles/06/05/15/apples.security.patch/

Julianne
May 15, 2006, 03:51 PM
Hey all,

After doing this update I have now lost the use of my F1 & F2 as well as F8-F10

and in the prefs there is no option for brightness as well....

Help! :eek:

I have a PowerBook G4 1.33 with OS X 10.4.6

HELP :confused:

Julianne
May 16, 2006, 07:01 AM
Hey ALL.... I found a fix that worked for me... maybe it can help some of you others that are having issues with the update...

Ok here's what I did...

I went to:
http://www.apple.com/support/downloads/
and got the Mac OS X 10.4.6 Combo for PPC
and installed it let the system reboot and
bam.. the F1/F2 brightness buttons worked again!

Then I went and got the
Security Update 2006-003 Mac OS X 10.4.6 Client (PPC)
and installed it again and all still works!!

For those of you that have Intel, of course you should get the Intel versions.
I have not tried this on an Intel so I can not say if this will work for you guys.

So maybe when the update tried to install something went wrong and the 2nd time around it went fine..

This is what worked for me.. I hope it can help some of you others out there that are also having update issues :D