Apple Releases Security Update 2010-003 for Snow Leopard and Leopard

[MacRumors]

Apple today released a series of security updates targeting users of Mac OS X Snow Leopard and Leopard. According to the support document for the release, the updates address a single vulnerability related to handling of embedded fonts by Apple Type Services. Discovery of the vulnerability is credited to noted cybersecurity researcher Charlie Miller, who last month disclosed his discovery of 20 new zero-day holes in Mac OS X.

- Security Update 2010-003 (Snow Leopard) (6.50 MB)
- Security Update 2010-003 (Leopard-Client) (218.6 MB)
- Security Update 2010-003 (Leopard-Server) (379.5 MB)

The Leopard versions posted to Apple's site incorporate previous security updates, explaining their large file size relative to the Snow Leopard version.

Apple also released Server Admin Tools 10.6.3, an update to Apple's package for installing remote administration tools to non-server machines. The update delivers 16 documented improvements to several of the package's components.

Article Link: Apple Releases Security Update 2010-003 for Snow Leopard and Leopard

 

[troop231]

Yay for updates

 

[jav6454]

Busy week at Cupertino

 

[Peace]

Might want to add EFI updates for the late 2009 iMacs too.

 

[MorphingDragon]

The ones for Leopard are HUGE for a security update.

It's nice to see Apple responding to security problems for a change.

 

[Winni]

Busy week at Cupertino

And in Redmond - Microsoft also had their patch day today. It seems that Apple and Microsoft want to reboot all computers on this planet at the same time...

 

[troop231]

And in Redmond - Microsoft also had their patch day today. It seems that Apple and Microsoft want to reboot all computers on this planet at the same time...

Seems to me every other day I get Windows updates, it gets pretty annoying.

 

[inlovewithi]

So these security holes were discovered last month and a fix was released today? So nobody took advantage? I guess security through obscurity does work.

 

[inlovewithi]

Seems to me every other day I get Windows updates, it gets pretty annoying.

Today I was thinking about how I hadn't gotten one in a long time.

 

[Patrick J]

And in Redmond - Microsoft also had their patch day today. It seems that Apple and Microsoft want to reboot all computers on this planet at the same time...

Difference is that Mac takes a minute, Windowze takes 5-10.

 

[MorphingDragon]

And in Redmond - Microsoft also had their patch day today. It seems that Apple and Microsoft want to reboot all computers on this planet at the same time...

They want to create their own earth minute.

 

[itickings]

Security updates... The more the merrier

Still room for improvements in the patch-handling, but we'll take what we get.

 

[Consultant]

Difference is that Mac takes a minute, Windowze takes 5-10.

Got a source?

EDIT: oops I thought you were saying something about the
Pwn2Own Hacking conference myth

 

[Michaelgtrusa]

Small file.

 

[Corrosive vinyl]

All that is left is the update to fix the permission issues with derby, etc. Then I will be like

 

[Eric S.]

Seems to me every other day I get Windows updates, it gets pretty annoying.

Not for XP.

 

[troop231]

Not for XP.

Haha, I'm running 7 though

 

[Morod]

Got the SL security update as well as the Backup update. Hope it makes backups faster.
After dl'ing and installing the updates, I repaired permissions. A long list of Utilities permissions needed repairing. Maybe it was just me, but if you got these updates it wouldn't hurt to take a couple of minutes and repair permissions on your HD.
I have a late 2007 Al iMac, 2.4GHz, 24".

 

[Xavier]

He (probably) gets PAID to exploit software. What a job!

 

[york2600]

Difference is that Mac takes a minute, Windowze takes 5-10.

Try rebooting 400 Windows servers on patch Tuesday. Windows takes long enough to boot, but initializing RAID controllers takes all day. I've been very busy today.

 

[AidenShaw]

Seems to me every other day I get Windows updates, it gets pretty annoying.

When you get those emails from Security@MicroSoft.com - don't click the link and say "install". Please.

"Every other day" is about 15 times more often than the rest of us are offered updates.

http://en.wikipedia.org/wiki/Patch_Tuesday

Try rebooting 400 Windows servers on patch Tuesday. Windows takes long enough to boot, but initializing RAID controllers takes all day. I've been very busy today.

Your servers aren't well managed, then.

Most of the patches don't apply to any particular server - there's no benefit from applying and rebooting. (You don't run Office or surf the web from your servers - no need for IE or Office patches.)

If you use "roles" for servers, then you won't even be offered patches that are irrelevant to the task that server is performing.

 

[lisster]

Seems to me every other day I get Windows updates, it gets pretty annoying.

Windows does updates on Tuesdays to, if your getting em every other day, YOUR doing something wrong..not MS

btw, where are all the apple fan boys shouting "MACS AREN'T VULNERABLE!"..
so what are they patching then

 

[AidenShaw]

btw, where are all the apple fan boys shouting "MACS AREN'T VULNERABLE!"..

They're on the thread agreeing with the turtlecked one that nobody needs more than a Core 2 Duo.

 

[troop231]

Windows does updates on Tuesdays to, if your getting em every other day, YOUR doing something wrong..not MS

Actually no, I'm not doing anything wrong, it just seems like once a week is crazy. Maybe they should check for flaws before they ship Windows Oh, that's what service packs are for.

 

[lilo777]

Seems to me every other day I get Windows updates, it gets pretty annoying.

MS releases updates in small increment as soon as it patches things. Apple makes huge updates once in a while. It looks like Apple lacks a good software management/release flow and thus is unable to patch things quicker.