Security Update 2006-007 Available

[MacRumors]

Now Available via Software Update:

Security Update 2006-007 is recommended for all users and improves the security of the following components:

AirPort
ATS
CFNetwork
Finder
Font Book
Font Importer
Installer
OpenSSL
PHP
PPP
Samba
Security Framework
VPN
WebKit
gnuzip
perl

For detailed information on this Update, please visit this website: http://docs.info.apple.com/article.html?artnum=61798

 

[Twinsbb17]

Apple saves the day again

 

[SciTeach]

I may not be a programmer but how does increasing the security of the FontBook protect my computer?!? Just Curious.

 

[iMeowbot]

Yay, they fixed the Installer hole! that one was just plain yuck.

 

[Thomas Harte]

No fix for the DMG bug as highlighted by the US CERT warning?

 

[ChrisA]

I may not be a programmer but how does increasing the security of the FontBook protect my computer?!? Just Curious.

They don't say but I assume it was possable for someone to make a carefully constructed "Trojan Horse" font such that when you tried to view it in Font Book something unexpected would happen. Likely Font Book failed to check for a buffer overflow and is corrected in this release.

 

[war]

I may not be a programmer but how does increasing the security of the FontBook protect my computer?!? Just Curious.

Problems with font book can actually cause problems with the rest of the system. Back when I was still using 10.2 I have some bad fonts in fontbook that kept causing problems with the entire system. As soon as I removed the fonts the problems stopped. It seemed weird to me too but it worked.

 

[Westside guy]

I may not be a programmer but how does increasing the security of the FontBook protect my computer?!? Just Curious.

Wish I could remember the specifics, but I remember reading (some years ago) how the way fonts are rendered makes them somewhat similar to executables. This is, if I remember correctly, not OS specific - the same theoretical issues exist in Windows, X11 font rendering, etc.

Sorry, I realize that without the specifics this raises more questions than it answers. But basically fonts are, theoretically at least, a potential exploit path.

Edit: Looks like the Linux on the XBox folks use this sort of thing to their advantage.

 

[e12a]

My C2D mbp booted up slow after installing this update. (after the initial restart. have yet to restart a second time).

 

[Westside guy]

Hey, anyone else notice that Apple included a patch for the vulnerability recently found in the old Airport cards? That's pretty cool.

 

[koobcamuk]

I noticed this update before anyone even posted on here. Yippee to me.

Debating whether to install it on just the PPC or the Intel... any advice? I use the MB daily, but the iMac is the trustworthy machine.

 

[Mitthrawnuruodo]

Well, so much for the latest batch of "vulnerabilities"...

Weighing in at slightly chubby 23.9 MB... thorough...

 

[Markleshark]

Is it just me or is Safari... lol... Nahhhh

 

[koobcamuk]

11.8MB on the PPC. Just doing both machines now. Bored.

 

[iMikeT]

Why do people give a topic like this negative votes?

 

[brepublican]

Is it just me or is Safari... lol... Nahhhh

Yeah he went there

I'm waiting. Playing it safe, as always

 

[Bob Knob]

No Intel 10.4.7 version

Hmm, there doesn't seem to be a version for 10.4.7
No matter what I've tried so far, 10.4.8 kernel panics my MPB.

 

[todd2000]

Hmm, there doesn't seem to be a version for 10.4.7
No matter what I've tried so far, 10.4.8 kernel panics my MPB.

"Repair Your Permissions" LOL I Kid...I Kid

 

[g7by08believeit]

Hmm, there doesn't seem to be a version for 10.4.7
No matter what I've tried so far, 10.4.8 kernel panics my MPB.

Sounds like you got one of those defective MPB's

I'd trade it in for a MBP

 

[Bob Knob]

"Repair Your Permissions" LOL I Kid...I Kid

I wish!
This is the first update since the 10.1.x days that went bad for me on any of my Macs. I've done all the usual... permissions, combo updaters, pulling ram... nothing seems to help with this one.
When I can afford some down time it looks like I'm going to be forced to reinstall the OS from the original discs and try to update from there.

 

[koobcamuk]

Reset the wallpaper on the G5. Weird. Safari was a bit fruity too. Thought I would plunge in as I will only forget to do it if not.

 

[TheBobcat]

Hopefully these don't force me to validate my copy of OSX...

I paid for my XP you MS-mother%&$&*(!!!!!!!!!

 

[Bob Knob]

Sounds like you got one of those defective MPB's

I'd trade it in for a MBP

Grr... That's what I get for tying to type after a 20+HR day

 

[iJawn108]

I just went on my old timer PC that my mom has now claimed to see if their were updates all I got was mediaplayer 11 and was disapointed. I love updating my mac so this should be fun.

Will it give me a loud frightening screech like last time, you will all know soon.

 

[Nuks]

I can't get it to install on my CD macbook.

I get this: A networking error has occurred: timed out (-1001). Make sure you can connect to the Internet, then try again.

I am connected....

Any help?
Thanks.