Security Update 2005-003 Released

[mickhyperion]

I had one minor problem the first time I tried to run the update thru Software Update. It failed and gave me this dialogue:

"The update "Security Update 2005-003" could not be verified and expanded correctly.

Make sure you have permission to write to /tmp/501/TemporaryItems/com.apple.SoftwareUpdate, then try again."

So I took a look around, kinda sorta found where they were directing me, and all read/write permissions were fine. No adjustment needed. Ran it again. Worked perfectly. The only difference between the first attempt and the second was I had several applications open the first time I ran it.

 

[cshuman]

Restart required?

I've wondered this for quite a while, but why do we have to restart after the updates? If we know what has been updated couldn't we just stop and restart the service that has been updated? It sure would be nice to be able to make that claim over some other os's.

I am probably not fully understanding everything that goes into the updates.

Chris

 

[j33pd0g]

I'm glad Apple added a feature to identify sneaky URLs that use other scripts to make a URL look like a well-known one.

Here is a sample of a URL containing an imposter letter "a":

http://www.?pple.com/

You can use the link above, before and after you update, to test how the change works.

That was cool . I wanted to show my co-worker this url. Guess what? The url is displayed in the browser as ?pple.com/ in OS 8.6, and if you click on it, the fake page can not be found. It loads www./ and that's all. Perhaps the old beat-up browsers of classic past are more secure because they are in fact so old. Anyway, I had to go home and get my before and after screenshots so he wouldn't think I was nuts.

 

[Twinkie]

I've wondered this for quite a while, but why do we have to restart after the updates? If we know what has been updated couldn't we just stop and restart the service that has been updated? It sure would be nice to be able to make that claim over some other os's.

I am probably not fully understanding everything that goes into the updates.

Chris

It's a bit more graceful to have updated daemons come up at boot, rather than killing them and restarting them.

I haven't looked too closely in to what files actually get updated, but my guess would be that some of the running processes can't be overwritten while they're running... so there's probably a script that overwrites (updates) them when you boot -- just before they start up.

 

[morespce54]

I'm glad Apple added a feature to identify sneaky URLs that use other scripts to make a URL look like a well-known one.

well, IMO, blocking sites from "customizable list" is kind of a cheap work-around. But at least, that is one...

 

[kherdin]

It doesn't block websites from a customizeable list. The customizable list is for characters that are to be displayed as punycode. For example, the Cyrillic "a" which looks identical to the Latin "a" is in that list.

 

[Doctor Q]

It doesn't block websites from a customizeable list. The customizable list is for characters that are to be displayed as punycode. For example, the Cyrillic "a" which looks identical to the Latin "a" is in that list.

It is the opposite. The customizable list is a list of scripts to be allowed. If you want Cyrillic to display natively, instead of with Punycode, you add Cyrillic to the list.

The list is kept in this file:

/System/Library/Frameworks/WebKit.framework/Versions/A/Resources/IDNScriptWhiteList.txt

It can be edited with TextEdit.

Here is the contents by default (on a U.S. system):

# Default Web Kit International Domain Name Script White List.

Common
Inherited

Arabic
Armenian
Bopomofo
Canadian_Aboriginal
Devanagari
Deseret
Gujarati
Gurmukhi
Hangul
Han
Hebrew
Hiragana
Katakana
Latin
Tamil
Thai
Yi​

 

[Stella]

Camino's works nicely also...

Go to http://www.drudgereport.com/

Mozilla also doesn't stop the pop-under.

 

[daveL]

I've wondered this for quite a while, but why do we have to restart after the updates? If we know what has been updated couldn't we just stop and restart the service that has been updated? It sure would be nice to be able to make that claim over some other os's.

I am probably not fully understanding everything that goes into the updates.

Chris

You mean like kernel modules that are currently in use by other, running processes? I've used this analogy before: It's like trying to tune up your engine while driving down the highway.

 

[aftk2]

I would be careful

With the miracle of computers, it all of a sudden started working again. Gotta love it, i did all the necessary tips, but i think the update tweaked something. Now i'm running at full force. yay. I am no longer sad, now i'm quite happy and relieved that my baby is back!

B

The exact same thing happened to me several months ago, after I installed an update. Originally, I thought the problem was related to the update, but I believe it only manifested itself on startup, and the update caused me to reboot. I would get kernel panics on startup several times, then sometimes they would go away. Then, they came back once, and never left.

I was able to fix them, however. The culprit? RAM. If this happens again, start pulling sticks.

 

[Mitthrawnuruodo]

Go to http://www.drudgereport.com/

Mozilla also doesn't stop the pop-under.

Firefox takes care of that one, too... straight up Firefox 1.0.1 for Mac... got Adblock installed, but it seems like it's Firefox itself who takes care of those two pop-ups/-unders...

 

[cliffjumper68]

Did you see Symantec's release about OSX?

It should be obvious that Symantec wants people to buy their worthless security programs. I have used their suites and since found far superior programs such as those from computer associates. This article however, calls immediate attention to purchasing Mac security software. Has anyone stopped to ask why would Symantec single out Mac OS X for a security concerns because of market share? They did not issue any such warning for Linux users. I think this is an orchestrated effort to stop the market share loss to Microsoft who has been the OS mainstay of their company. I hope there are some journalists that can look further into this. I also find it interesting that some of these “proof of concept” malware applications seem to find there way into the wild web not long after they are discovered. So, are we feeding the hand that smites us? Symantec smells and it should be checked out.

 

[Lacero]

Safari support of built-in hosts file would be a nice change. Most casual users wouldn't know how to install hosts files or even run Terminal. Even for me, Terminal is a scary place to be.

 

[wdlove]

I had one minor problem the first time I tried to run the update thru Software Update. It failed and gave me this dialogue:



So I took a look around, kinda sorta found where they were directing me, and all read/write permissions were fine. No adjustment needed. Ran it again. Worked perfectly. The only difference between the first attempt and the second was I had several applications open the first time I ran it.

Before you ran the update, did you run repair permissions? Which is found in utilities. Very important to do so after installation.

 

[crivera]

Pop-ups

Funny, I just downloaded the update, and Safari now blocks those pop-under ads for me, on sites including Drudge Report and InterfaceLift. Is everyone else really still having problems with this? I don't have PithHelmet or SAFT or any such plug-ins or applications installed for Safari.

 

[billyboy]

Does the user have to restart after this update?

I downloaded the update and forgot it was there. Sometime later I had a kernel panic. Rebooted, went to Software UPdate and no sign of the security update in the list. Went to Safari and it seems to be recognising false web addresses, so I assume the update has been installed. But I thought it was my call to restart?

Run cocktail and all is fine. Most bizarre.

The update to 10.3.8 took a few goes as well I seem to remember. Sent me on a wild goose chase looking for incorrect permissions, then another day it installed fine.

 

[FFTT]

Just a reminder to all.

Before installing ANY SOFTWARE especially OS software
make darn sure that your computer is set to NEVER SLEEP!

If your system shuts down during an OS install, you could have major nightmares.

 

[rdowns]

Neat soution. I'm kicking myself for not thinking of that one. I'd done a similar trick with my firewall but that spews out an annoying "Blocked by firewall message". This is much neater.

Some may have to merge this file with their existing hosts file instead of just replacing it.

Keep an eye on your activitiy monitor in Safari - anything you don't like the look of just add it into the hosts file. You'll be much better protected against spyware and click trackers.

Can anyone provide more detailed instruction on what to do with the host file?

 

[Xtremehkr]

iTunes recracked.

Another security update due soon?

It's not like this is a virus or spyware or anything, but I bet Steve is a little embarrassed by it all.

 

[riwanami]

iChat AV issues after update

I just downloaded/installed the latest security updates, and now I'm having problems with iChat AV and iSight. I can no longer do video or audio chat through the internet. Has anyone had any such issues?

 

[wrldwzrd89]

Can anyone provide more detailed instruction on what to do with the host file?

All I did was add entries to my hosts file, then copied the file to /etc and renamed it "hosts" (with no extension and without the "quotes"). If you have no idea how to get to /etc, you can use the Finder's Go To Folder feature in the Go menu. Just type "/etc" (without the "quotes") in the dialog box, press Return, and the /etc folder's contents will be displayed. The hosts file lives in there.

 

[j33pd0g]

I don't remember if this worked before the update, but the code in Google Ads is now right in Safari. Check it out - hovering over the same link in IE doesn't reveal the correct URL... but in Safari it does. In both cases I hovered over the Buy Refurbished Tools link - Look at the results in the two status bars.

 

[jks]

System preferences reset

After the reboot, some of my preferences were reset on my iBook: at least the date format in the menubar changed, and I could no longer click by tapping on the trackpad. These were easy to correct from the System Preferences, but I wonder what else may have gone wrong.

 

[MacBandit]

After the reboot, some of my preferences were reset on my iBook: at least the date format in the menubar changed, and I could no longer click by tapping on the trackpad. These were easy to correct from the System Preferences, but I wonder what else may have gone wrong.

There could have been corrupt pref files that were some how repaired in the install.

 

[sacear]

Neat soution. I'm kicking myself for not thinking of that one. I'd done a similar trick with my firewall but that spews out an annoying "Blocked by firewall message". This is much neater.

Some may have to merge this file with their existing hosts file instead of just replacing it.

Keep an eye on your activitiy monitor in Safari - anything you don't like the look of just add it into the hosts file. You'll be much better protected against spyware and click trackers.

How does one do that exactly?

TIA