Now Available via Software Update:
Security Update 2004-09-30 delivers a number of security enhancements and is recommended for all Macintosh users. This update includes the following components:

AFP Server
CUPS
NetInfoManager
postfix
QuickTime

For detailed information on this Update, please visit this website: http://www.info.apple.com/kbnum/n61798

Who wants to be a Lab Mouse and test it first and report. :)

Once again, Apple takes the initiative....... 24/7

lots of security updates these days... oh well, as long as they're solid I'd rather have updates than security holes.

- reaper

Another security update?! :eek:

Apple is just cranking these out nowadays.

Anyway, it looks like a little one, just 1.5 MB. Installing it now.

And edit ... it requires a restart ... doh.

installed...quicktime still works.

no problems thus far

Just installed it, no problems so far on a 15"PB, 1GHz

Although the Finder does feel a bit snappier.



Just kidding, it seems the same.

heh, the Finder probably seems snappier because of that reboot. ;)

is't this update a bit late... i mean it's the 5th now...

and i just rebooted after that Java #2 update. now, i've got to re-boot again? :rolleyes: ah well. you've gotta do what you've gotta do.

there goes trying to break my own personal uptime record hehe

heh, the Finder probably seems snappier because of that reboot. ;)

is't this update a bit late... i mean it's the 5th now...

and i just rebooted after that Java #2 update. now, i've got to re-boot again? :rolleyes: ah well. you've gotta do what you've gotta do.

I'd rather it be late and work right, than on-time and fubar'd.

I don'T want to update until someone confirms that "Localhost" as smtp server still works, I have a lot of work e-mails going out from my iBook...

Hello, anybody there with postfix activated? :)

EDIT: Nevermind, I just tried in one of our macs and everyting is correct... as always, everything looks snappier :p ;) J/K

After the last couple updates I think I will wait. I have had
nothing but problems ever since...

Working fine for me...

Yay! :)

Just installed it, no problems so far on a 15"PB, 1GHz

Although the Finder does feel a bit snappier.



Just kidding, it seems the same.

Actually, it did seem to fix a problem I had where the Applications and Macintosh HD folders kept scrambling their icons.

Hmm, yet another security update - there have been quite a few lately! Ah well, I don't mind applying them since I know Apple is doing a timely and thorough job on addressing security issues, whether they are minor or not. One can never be too careful! :cool:

installed no problems here , why don't they just make sunday a update night seems like every week a new update is here - not that i am complaining mind.

ta

tom

is't this update a bit late... i mean it's the 5th now...
It's the 5th? As far as I know, it's Monday the 4th. But, yeah, if they released it today, why didn't they just call it the 10-4 update?

Update installed on Dual 2.0 G5 & iMac 17 inch G4 and no problems on either.

Actually, it did seem to fix a problem I had where the Applications and Macintosh HD folders kept scrambling their icons.

both my work and home computers have been doing that too! wonder what caused it?

both my work and home computers have been doing that too! wonder what caused it?

I've noticed the same thing lately too. It happened after I installed the most recent Java update, but I don't see what that would have had to do with it though really. As for today's "9/30" update, it installed and everything is a-ok afterwards. :)

It's cool that Apple acknowledges the person who reported a security issue.

CUPS
Impact: Local disclosure of user passwords
Description: Certain methods of authenticated remote printing could disclose user passwords in the printing system log files. Credit to Gary Smith of the IT Services department at Glasgow Caledonian University for reporting this issue.

I installed the security update and everything works fine. In fact I've never had any problems after installing Apple updates. Some of you guys must have your Macs seriously tricked-out to always be complaining about problems :)

Looks like the NetInfo update fixes the problem someone asked about a while ago here. Now there won't be a conflicting "enabled" or "disabled" root status.

Damn Apple, I've lost my 2 days uptime :-D

Glad Apple are keeping up with security fixes even though Tiger is just around the corner.

I installed the security update and everything works fine. In fact I've never had any problems after installing Apple updates. Some of you guys must have your Macs seriously tricked-out to always be complaining about problems :)

Same Here! I just don't understand all these problems. I've had Macs most of my life and I always install updates and never had any problems or glitches!

well this is alot of updates lately. Oh well we probably be better off with these tho. :)

Everything is fine here. Finder is "snappier" probably because of optimization.

It's the 5th? As far as I know, it's Monday the 4th. But, yeah, if they released it today, why didn't they just call it the 10-4 update?

Well according to my calander it's the 5th, but then again I'm about 17 hours ahead of you, damn time zones ;)

Either way, it's not September 30 anymore anywhere in the world. We have seen updates released early (as in dated in the future) so we know their dating isn't the most accurate.

I've installed the update and went to repair permissions as usual. When I tried, it failed!

I thought, WTF. The error said Disk Utility had lost connection with the Disk Management Utility and to restart Disk Utility.

I did several times, even rebooted the machine.

Must....Repair.......Permissions..... :(

Anybody got a clue about this?

versus my Windows XP box that forgot all peripherals, driver reinstalls required, and crashed on every major security update-- so happy to be m$ free!!

.. btw is windows media player reliable on OS X? I'd rather avoid MS totally having broken free after too many decades.

I've installed the update and went to repair permissions as usual. When I tried, it failed!

I thought, WTF. The error said Disk Utility had lost connection with the Disk Management Utility and to restart Disk Utility.

I did several times, even rebooted the machine.

Must....Repair.......Permissions..... :(

Anybody got a clue about this?

Try repairing from the CD-ROM.

I installed it on a 900MHz G3 iBook and 1.8 Dual G5 and no problems :)

I installed the security update and everything works fine. In fact I've never had any problems after installing Apple updates. Some of you guys must have your Macs seriously tricked-out to always be complaining about problems :)Same Here! I just don't understand all these problems. I've had Macs most of my life and I always install updates and never had any problems or glitches!
As with me. I just installed on my cube and everything is fine. :D

Ahhhh! Isn't it sweet how all our security updates come right to us, without having to go searching for them or hearing about them from a friend of a friend? Has anyone run a Windows update recently? What a joke! Thank God for Apple's initiative to make even updating your software a breeze! Plus the connection is blazing fast.

Well according to my calander it's the 5th, but then again I'm about 17 hours ahead of you, damn time zones ;)
Haha, oops! I guess I could have looked at your location prior to posting that :o :D

Has anyone run a Windows update recently? What a joke!

Actually, I'd say "yes", but the real answer is "no".

Windows Update runs automatically, and I occasionally get a pop-up from the system tray when I log in that says "New updates have been downloaded. Click here to install."

Why is this a joke? What are you doing wrong?

(and, when I download manually I typically get about 1 mega-byte per second from the Windows download servers....)

Why is this a joke? What are you doing wrong

Obviously MS has made improvements. It's been a while since I've run an update for my Mother-in-law or dark-side, non computer savvy friends. Personally, I avoid Windows like the plaque. I prefer a crash free environment in my computing life. :)

versus my Windows XP box that forgot all peripherals, driver reinstalls required, and crashed on every major security update-- so happy to be m$ free!!

.. btw is windows media player reliable on OS X? I'd rather avoid MS totally having broken free after too many decades.

Windows Media Player works fine generally, but doesn't handle DRM-protected content. There are also utilities to convert WMA files to other formats, if you're interested. Check VersionTracker.

Welcome aboard the Mac platform. It's never too late to *enjoy* using your computer. :-)

Mmm. I'll see what the reports are in a few more hours before I push the update button...

All of these security updates make me wonder how many more security holes there are.

Personally, I avoid Windows like the plaque.


Personally, I avoid the plaque by flossing....


I prefer a crash free environment in my computing life.

Me too.

Q:\tests>psinfo \\aiden-dual3ghz

System information for \\aiden-dual3ghz:
Uptime: 65 days 14 hours 38 minutes 6 seconds
Kernel version: Microsoft Windows XP, Multiprocessor Free
Product type: Professional
Product version: 5.1

Enjoying a patch-free environment there, too, Aiden? ;)

Hi, everyone, I've lurked for a while, but wanted to check whether anyone else is having trouble with Pathfinder, so here is post numero uno.

Edit: Went to Cocaotech forums and solved the problem.

Put me in the group with no problems with this Update.

Pete.

BTW, great forums, guys.

Same Here! I just don't understand all these problems. I've had Macs most of my life and I always install updates and never had any problems or glitches!

Every single Apple update has been great for me, with the notable exception of OS X versions 10.3.2 and 10.3.3, which totally broke iTunes (I had all my music on an external FireWire drive, and due to the FireWire "fixes" in these updates, iTunes would periodically "skip," which was infuriating). It wasn't until I reverted to 10.3.1 (and 10.3.4 came out) that I could use iTunes again. Since, I've been a bit wary of updates.

Actually, it did seem to fix a problem I had where the Applications and Macintosh HD folders kept scrambling their icons.

I had that problem too recently, icons of applications, files and custom folder icons got scrambled or exchanged. Always managed to reassign them but it was getting annoying. It started two weeks ago, before I had installed all the September security and Java updates, I had just installed a new hard drive about a month ago. When I think back it started after I had the Powerbook on a couple of flights, maybe the X-rays flipped over a couple of bits, I had it in sleep while being X-rayed.

Had the same problem before with 10.3.2. But maybe it also just the reboot that's fixing it.

Enjoying a patch-free environment there, too, Aiden? ;)

Actually, that system is running the final release candidate of SP2 - haven't installed the final yet.

(Version "5.1" is XP, any service pack. "5.0" is Win2000, "5.2" is Windows 2003.)

(raistlin:~)% uptime
07:34:59 up 78 days, 11:43, 2 users, load average: 0.16, 0.04, 0.01

Last hardware upgrade on my linux server (another pair of mirrored drives). I do enjoy being able to update without rebooting... (except for kernel issues)

That being said, I really do enjoy my new Mac. :D

just installed the security update and so far so good (crossing fingers). Recently, there has been a lot of updates, but far less than M$ releases.

with all these updates i might have to reboot 2-3 times a month.. geeze! :)

This is the first time being aware of this update. It just shows that Apple is looking out for us. Curently I'm on a PC, sorry. :o

Actually, it did seem to fix a problem I had where the Applications and Macintosh HD folders kept scrambling their icons.


Did your icons look like 4 really small folder icons all in side one icon??

This has been happening to me from time to time.

All of these security updates make me wonder how many more security holes there are.We don't really have to worry about how many security holes there are, only how many of them are known and being taken advantage of. So the only question is how soon you can and should get a patch after a security hole is discovered. Apple has chosen to close the holes fairly quickly with timely updates. That makes for more security updates, but doesn't indicate that there are more holes than if they let them collect and issued them in larger batches on a less frequent basis. As long as security updates take only a few minutes and involve a quick restart, Apple's scheme is better for us in the long run.

Actually, it did seem to fix a problem I had where the Applications and Macintosh HD folders kept scrambling their icons.

Thank goodness - I thought I was losing my mind, or that there was some low-level corruption going on that repairing permissions and doing various file restoration things couldn't fix. It's a silly, small, issue, but Jeez, I wish someone at Apple said something about this, it has been driving me nuts.

Good to know this handles the problem.

versus my Windows XP box that forgot all peripherals, driver reinstalls required, and crashed on every major security update-- so happy to be m$ free!!

.. btw is windows media player reliable on OS X? I'd rather avoid MS totally having broken free after too many decades.

Try VLC and/or MPlayer. With these 2 (free) apps you should be able to play 99% of the windows media files and not have to worry about installing the player.

Although I have had no problems with windows media play on my powerbook, I avoid using it at all cost. Just on principle.

It seems that nobody noticed the seriousness of the QuickTime issue. Because of a buffer overflow it alows the execution of arbitrary code hidden in a BMP image. That is the same as the JPEG exploit few weeks ago on Windows, just on a BMP file instead of a JPEG. So much about Apple security and quality control being better. I am sad to say this but Apple is begining to resemble Microsoft waay too much.

Just as the pigs began to look like humans... All of those who read Orwell's Animal Farm know what I'm talking about. :)

It seems that nobody noticed the seriousness of the QuickTime issue. Because of a buffer overflow it alows the execution of arbitrary code hidden in a BMP image. That is the same as the JPEG exploit few weeks ago on Windows, just on a BMP file instead of a JPEG. So much about Apple security and quality control being better. I am sad to say this but Apple is begining to resemble Microsoft waay too much.

:)

where do you get a bmp image with this one-click executable code from?

Well after i installed it, my computer started to go at a snail's pace. Everything. it took me about 6-8 minutes to start up (it kinda got stuck at starting the login window, but it might have been stuck because it had to change screens), another 5 before i could click anything, then when i did click something i got the rotating frisbee for a while, then to open any application another 5. This has probably something to do with the update since i havent experienced this before i installed it.

i have a G4 imac 800Mhz running Mac OS 10.3.5

billyboy: You could get it from anywhere. It's an image file as any other except the hidden code. You could get it by mail, load it somwhere on the internet or anytihing like that. That's why it's so dangerous. I don't know the exact details of the vunerabilty so I'd rather not go into details as I don't know if Safari loads it's pics via QuickTime, but I suppose it does. Luckily Apple fixed this soon enough, I have not yet seen a proof of concept let alone a real exploit on the net.

Try repairing from the CD-ROM.


Eep!

From what I've heard that is not the thing to do. Especially after so many updates, the cd-rom based permission repairs are not going to be accurate. If its absolutely necessary, do it, but otherwise it might do mroe harm than good.

charlie

Actually, I'd say "yes", but the real answer is "no".

Windows Update runs automatically, and I occasionally get a pop-up from the system tray when I log in that says "New updates have been downloaded. Click here to install."

Why is this a joke? What are you doing wrong?

(and, when I download manually I typically get about 1 mega-byte per second from the Windows download servers....)

Aiden, a megaBYTE per second? Or a mega bit per second?

What is your broadband speed? It would have to be at least 9 mega bits per second (including overhead), but more likely 10 to get one megabyte per second

I also installed the update.

1 B/W G3
2 AGP G4
2 Digital Audio G4

All ok.

Eep!

From what I've heard that is not the thing to do. Especially after so many updates, the cd-rom based permission repairs are not going to be accurate. If its absolutely necessary, do it, but otherwise it might do mroe harm than good.

charlie

A broken Disk Utility on the hard drive isn't very good either, is it? At least, if it's possible to use the CD-ROM to repair Disk Utility on the hard drive to repair permissions afterwards, it would be a step in the right direction.

All systems go.

Everything seems to run smoothly on my PB 15" 1.25

Still not used to all these security patches from Apple though...

:)

Aiden, a megaBYTE per second? Or a mega bit per second?

What is your broadband speed?

A pair of teamed OC-3 (310Mbps total) fibres to an OC-12 (622 Mbps) uplink.

That's at work, home is only a T-1.

A pair of teamed OC-3 (310Mbps total) fibres to an OC-12 (622 Mbps) uplink.

That's at work, home is only a T-1.

That's not fair Aiden. Want to share? I'm only at 3Mbps, though at least I'm on PPPOA not PPPOE.

I am not sure if you need to apply all the secruity updates in the order that they came available (does it matter) or whether applying the latest update includes all the previous updates too. In my situation I am behind several updates and not sure the correct way to go.

I am not sure if you need to apply all the security updates in the order that they came available (does it matter) or whether applying the latest update includes all the previous updates too. In my situation I am behind several updates and not sure the correct way to go.

Generally, you cannot apply any update, security or otherwise, if a previous one is required first. These updates appear in the order that they were released. But, often this also means that they must be installed in that order as well.

If a newer security update appears that contains the previous one in it, then the previous update will not appear in your updates panel. If they do, then it is advised that you apply all of them.

You can always wait a few days before applying updates to ascertain whether they are "good". If not, Apple will usually pull it shortly after release.

A security update may not appear if you are using an older version of any software that the update is meant to secure. When, and if, you do update that software, then the security update will appear.

I hope this helps.

That makes sense. I usually download the full installer vs directly update so I can update my computer at home too (modem at home-fast work connection). I try to keep my 2 G5s :D runnng at the same system to avoid problems but I do seem to get behind, and end up with several updates I have not applied and it does get confusing as to which ones I have applyed and which ones to apply first if there are several. Not to mention the apps and java updates too. If one was applied out of order would the installer be smart enough to know or would it matter? Or what if I had allready applied and update but forgot and tried to apply it again. It would help if each security update would list previously released updates that are required before the current one is applied. Going to Apples Security Update page does not seem to address this question.

That makes sense. I usually download the full installer vs directly update so I can update my computer at home too (modem at home-fast work connection). I try to keep my 2 G5s :D runnng at the same system to avoid problems but I do seem to get behind, and end up with several updates I have not applied and it does get confusing as to which ones I have applyed and which ones to apply first if there are several. Not to mention the apps and java updates too. If one was applied out of order would the installer be smart enough to know or would it matter? Or what if I had allready applied and update but forgot and tried to apply it again. It would help if each security update would list previously released updates that are required before the current one is applied. Going to Apples Security Update page does not seem to address this question.

If you update directly from the update control panel then Apple checks your machine to learn what updates you need, and only downloads those.

If you download updates from work and bring them home, then you are bypassing the control built into the system. Under those circumstances you might not have updates that you need, and some that you do have you might not need.

The best thing to do then is to open the Software update panel and let it find the new updates. If they coincide with yours, then install them in the order that they appear in the panel.

If you download a security update for the latest release of Java, for example, at work, because you have installed it there, but have not installed it at home, then the software update panel will show both the Java update as well as the security update for it.

Click on each update, and the panel will tell you what it is for.

If you have already applied any updates, even if you have installed them manually, then the software panel will see that, and they will not appear. The update itself will usually not re-install over itself, and SHOULD let you know if a newer one is already present.

But always let the software update panel check first. Then quit it.

Yes I see what you mean using the Software update panel to determine what is needed even if you choose not to download (for any Mac that has a net connection that is -if my home computer was not connected it would not be so easy).

Great --I will try this method.

thanks again melgross

We are here to serve.

Has anyone experienced networking difficulties after installing Security Update 2004-09-30? I can't tell if ours are causal or coincidental. We installed the update and immediately lost the ability to see FileMaker Pro files over our LAN *and* access them through the web. Anyone have any ideas how to resolve this?

My Mail application on both computers respond better. I have noticed that when I clicked on the "File" menu in Mail there was a delay of 2-3 seconds before the menu would show. This problem was on both computers but with this update it is resolved. A nice unexpected treat!

We don't really have to worry about how many security holes there are, only how many of them are known and being taken advantage of. So the only question is how soon you can and should get a patch after a security hole is discovered. Apple has chosen to close the holes fairly quickly with timely updates. That makes for more security updates, but doesn't indicate that there are more holes than if they let them collect and issued them in larger batches on a less frequent basis. As long as security updates take only a few minutes and involve a quick restart, Apple's scheme is better for us in the long run.

I agree Doctor Q, well said. That is important that they are on guard.

Mmm. I'll see what the reports are in a few more hours before I push the update button...

Have any cautious updaters tried SuperDuper from Shirt Pocket? (http://www.shirt-pocket.com/) with its Safety Clone feature. It looks as if it might help.

Any comments?

I have installed all Apple's updates regularly without any noticeable problems (but havn't yet used SuperDuper).

John :)

A pair of teamed OC-3 (310Mbps total) fibres to an OC-12 (622 Mbps) uplink.

That's at work, home is only a T-1.(Emphasis added)

I just wet my pants.

(Emphasis added)

I just wet my pants.

Geez, I'd hate to see what you'd do then if I started running things using our provincial transport ring where I work - it's only an OC-192 link... :cool:

I finally installed the Security Update 2004-09-30 on my Power Mac G4. It's running great, just purring like a cat. :)