Security Update 7/12/02

Discussion in 'MacRumors News Discussion (archive)' started by arn, Jul 13, 2002.

  1. arn
    macrumors god


    Staff Member

    Apr 9, 2001
    Security Update 7-12-02 delivers a more secure Software Update service to verify that future updates originate from Apple. If you would prefer to download this manually from a secure Apple server you can download the package at
  2. macrumors 68020


    Oct 28, 2001
    Greensboro, NC
    well thats what i call fast. gj to apple. eat it m$.
  3. macrumors 6502a


    Jan 4, 2002
    Austin, TX
    Might have been already working on it

    Who knows, the people who work on this component should have known how vulnerable it was and were working on a "fix" for a future release. They just got caught early and pushed this out.

    Or they are really serious about security and had people pull all-nighters until it was fixed.

    Either way, it just shows that Apple can respond quickly when [legitimate] problems arise if they have the full glare of the Mac media shining on them. Mac OS X is also up for for Government security review as well so this only helps.
  4. Moderator emeritus


    Oct 5, 2001
    San Diego, CA
    Hear, hear!!

    I just heard about this vulnerability this week and Apple already has it patched. Fantastic!'s that HTML vulnerability in Outlook Express for PC coming...;)
  5. macrumors regular

    May 12, 2002
    Kennebunk, Maine, USA

    That security problem is almost a week old and this is the first of the Mac sites I go to that even mentioned it, only after a fix came out.

    Typical, when a problem arises like this the Mac community is quiet hoping it will go away. Kudos to Apple for patching it quickly.

    And shame on all who though Mac OS X is perfect, it anit by a far cry. I hope someday it is close to perfect, but no software is perfect.

    I have had OS X since the second day it was released to stores and have been quite excited, but realized soon when I loaded the 10.0 version that it was a "beta" for sure, 10.1 helped, but did something wierd with the moniter display. 10.1.5 seems to be where is sould have been, when first released.

    I am excited and can't wait for 10.2, but don't think it is the perfect, secure OS.

    html in email is for weenies, plain old text works just fine, and html can be shut off in Outlook for all incoming and outgoing mail
  6. macrumors regular

    Feb 25, 2002
    Has anyone had any problems after installing this update?
  7. macrumors 6502a


    Oct 12, 2001
    I had no problem installing it.

    Quick question: Which security is better? OS 9 or OS X?
  8. macrumors regular

    Feb 21, 2002
    This update rocks! type "man softwareupdate" in terminal!

    Finally, running software update via cli!!!!!

    I am a happy camper!
  9. macrumors 68020


    Oct 28, 2001
    Greensboro, NC
    nice...i think i'll prefer that to doing it thru the GUI. i dont like things popping up all over.
  10. macrumors 6502a

    Nov 25, 2001
    Champaign, IL, USA
    well done to apple for patching this one up quickly.

    daRAT -- you say that the Mac community didn't say a word... don't you ever visit macslash, /. or macintouch???

    ShaolinMiddleFinger -- OS 9 security is "better" security wise because there's no underlying code... Apple has done a great job with OS X Security and getting things fixed up quickly. Quite a few of the security updates for OS X so far relate to software componenets which apple do not develop, such as openssh and apache server. this is one of the few issues that has been the fault of apple.

    Also, it never ceases to amaze me how many critical updates come out for win2k... it's a constant flow... I needed 2 CDs to burn the critical win2k updates from the original win2k release...
  11. macrumors 65816


    Apr 25, 2002
    Seattle, WA
    Now how about adding MD5 support for the passwd file

    As I say above, how about some MD5 passwd support, instead of crypt. I would prefer some strong authentication for my passwd file. How many people have a passwd > 8 chars and have mistyped the passwd, but have still been let in? As long as you get the first 8 chars right, the rest are chomped off.

    While were at it, I hope Apple considers adding support for Andrew File System. OpenAFS rocks on the Mac. How about they just package it into the OS. I realize that most users don't use it, but it would please Universities, as most of them run AFS. Of course then they need to add Kerberos support, but MIT has that working just fine.

    While we are talking about security, has Apple implemented any kind of password encryption for email yet?
  12. macrumors 65816

    Jan 22, 2002
    Re: Now how about adding MD5 support for the passwd file

    its about time, apple :D

    *waves hand*
    i always wonderd why it did that
  13. macrumors member

    Feb 4, 2002
    there seems to be a problem with the update

    After installing the update on my powerbook G4 everything seem o.k. but today I installed OS X 10.1.2 on a G3, thaen I opend software update and all I see is the security update, so i run it. now the SW update claims my system is up to date! I can not update to 10.1.5, so I downloaded the combined update and my OS X drive is greyed out, it seems apple has F*** up something.

Share This Page