Security Update 7/12/02

Discussion in 'MacRumors News Discussion (archive)' started by arn, Jul 13, 2002.

  1. arn
    macrumors god

    arn

    Staff Member

    Joined:
    Apr 9, 2001
    #1
    Security Update 7-12-02 delivers a more secure Software Update service to verify that future updates originate from Apple. If you would prefer to download this manually from a secure Apple server you can download the package at http://www.info.apple.com/kbnum/n75304
     
  2. macrumors 68020

    sparkleytone

    Joined:
    Oct 28, 2001
    Location:
    Greensboro, NC
    #2
    well well...now thats what i call fast. gj to apple. eat it m$.
     
  3. macrumors 6502a

    Sayer

    Joined:
    Jan 4, 2002
    Location:
    Austin, TX
    #3
    Might have been already working on it

    Who knows, the people who work on this component should have known how vulnerable it was and were working on a "fix" for a future release. They just got caught early and pushed this out.

    Or they are really serious about security and had people pull all-nighters until it was fixed.

    Either way, it just shows that Apple can respond quickly when [legitimate] problems arise if they have the full glare of the Mac media shining on them. Mac OS X is also up for for Government security review as well so this only helps.
     
  4. Moderator emeritus

    Rower_CPU

    Joined:
    Oct 5, 2001
    Location:
    San Diego, CA
    #4
    Hear, hear!!

    I just heard about this vulnerability this week and Apple already has it patched. Fantastic!

    Now...how's that HTML vulnerability in Outlook Express for PC coming...;)
     
  5. macrumors regular

    Joined:
    May 12, 2002
    Location:
    Kennebunk, Maine, USA
    #5
    Odd

    That security problem is almost a week old and this is the first of the Mac sites I go to that even mentioned it, only after a fix came out.


    Typical, when a problem arises like this the Mac community is quiet hoping it will go away. Kudos to Apple for patching it quickly.

    And shame on all who though Mac OS X is perfect, it anit by a far cry. I hope someday it is close to perfect, but no software is perfect.


    I have had OS X since the second day it was released to stores and have been quite excited, but realized soon when I loaded the 10.0 version that it was a "beta" for sure, 10.1 helped, but did something wierd with the moniter display. 10.1.5 seems to be where is sould have been, when first released.

    I am excited and can't wait for 10.2, but don't think it is the perfect, secure OS.


    html in email is for weenies, plain old text works just fine, and html can be shut off in Outlook for all incoming and outgoing mail
     
  6. macrumors regular

    Joined:
    Feb 25, 2002
    #6
    Has anyone had any problems after installing this update?
     
  7. macrumors 6502a

    ShaolinMiddleFinger

    Joined:
    Oct 12, 2001
    #7
    I had no problem installing it.

    Quick question: Which security is better? OS 9 or OS X?
     
  8. macrumors regular

    Joined:
    Feb 21, 2002
    Location:
    chicago
    #8
    This update rocks! type "man softwareupdate" in terminal!

    Finally, running software update via cli!!!!!

    I am a happy camper!
     
  9. macrumors 68020

    sparkleytone

    Joined:
    Oct 28, 2001
    Location:
    Greensboro, NC
    #9
    nice...i think i'll prefer that to doing it thru the GUI. i dont like things popping up all over.
     
  10. macrumors 6502a

    Joined:
    Nov 25, 2001
    Location:
    Champaign, IL, USA
    #10
    well done to apple for patching this one up quickly.

    daRAT -- you say that the Mac community didn't say a word... don't you ever visit macslash, /. or macintouch???

    ShaolinMiddleFinger -- OS 9 security is "better" security wise because there's no underlying code... Apple has done a great job with OS X Security and getting things fixed up quickly. Quite a few of the security updates for OS X so far relate to software componenets which apple do not develop, such as openssh and apache server. this is one of the few issues that has been the fault of apple.

    Also, it never ceases to amaze me how many critical updates come out for win2k... it's a constant flow... I needed 2 CDs to burn the critical win2k updates from the original win2k release...
     
  11. macrumors 65816

    peterjhill

    Joined:
    Apr 25, 2002
    Location:
    Seattle, WA
    #11
    Now how about adding MD5 support for the passwd file

    As I say above, how about some MD5 passwd support, instead of crypt. I would prefer some strong authentication for my passwd file. How many people have a passwd > 8 chars and have mistyped the passwd, but have still been let in? As long as you get the first 8 chars right, the rest are chomped off.

    While were at it, I hope Apple considers adding support for Andrew File System. OpenAFS rocks on the Mac. How about they just package it into the OS. I realize that most users don't use it, but it would please Universities, as most of them run AFS. Of course then they need to add Kerberos support, but MIT has that working just fine.

    While we are talking about security, has Apple implemented any kind of password encryption for mac.com email yet?
     
  12. macrumors 65816

    Joined:
    Jan 22, 2002
    Location:
    SFBA
    #12
    Re: Now how about adding MD5 support for the passwd file

    its about time, apple :D

    *waves hand*
    i always wonderd why it did that
     
  13. macrumors member

    Joined:
    Feb 4, 2002
    Location:
    Earth
    #13
    there seems to be a problem with the update

    After installing the update on my powerbook G4 everything seem o.k. but today I installed OS X 10.1.2 on a G3, thaen I opend software update and all I see is the security update, so i run it. now the SW update claims my system is up to date! I can not update to 10.1.5, so I downloaded the combined update and my OS X drive is greyed out, it seems apple has F*** up something.
     

Share This Page