The Mac Observer

Skip navigational links

You're viewing an article in TMO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site:
Apple Releases Security Update For Software Update Hole

Apple Releases Security Update For Software Update Hole

by , 7:00 AM EDT, July 15th, 2002

Earlier this month Russell Harding of the University of Colorado released an advisory which said that Apple's Software Update client is a security hole through which hackers may sneak malicious code into your OS X running Mac. Apple has quickly responded to the alert, and released an update to the Software Update client late Friday that addresses the problem. From Apple:

Security Update 7-12-02 increases the security of the Software Update process for systems with Software Update client 1.4.5 or earlier. Packages presented via the Software Update mechanism are now cryptographically signed, and the new Software Update client 1.4.6 checks for a valid signature before installing new packages. Downloaded packages which do not contain a valid signature are deleted from the system.

Security Update 7-12-02 may be obtained via the Download link on this page (requires Mac OS X 10.1 or later) and will be available soon through the Software Update pane in System Preferences (requires 10.1.1 or later).

We highly recommend that to download the Security Update 7-12-02, which can be found at Apple's Knowledge Base site, Version Tracker, and, interestingly enough, through Software Update via Apple/System Preference in OS X.

The Mac Observer Spin:

Kudos to Apple for being so quick on releasing this patch. It took about 4 days for the company to release the patch after the exploit was found. Big Redmond might want to take notes...

When the news of this particular security hole broke Apple's reputation took a hit. Some of the more ill-informed believed that this problem proved that OS X was not as secure as it was believed to be. The reasoning behind such beliefs are simple, but misleading: if one can load an application on your computer which, when ran, compromises the computer, then there is no security. The reality is that anytime you download software from the Internet you run the risk of getting malicious code, regardless of the OS.

Macs have been historically free of viruses and such, with one of the biggest reasons for this being that there were comparatively few of them. Virus writers wanted to inflict the most amount of damage with the least amount of work, so Microsoft has usually been their target. Oh, and there's the little fact that Microsoft has paid no attention to security until recently, and has released some of the sloppiest code in the history of computing.

For Apple, the world of security for Apple is a different place. The FreeBSD core inside OS X is no less secure than any other UNIX variant, and because Apple has locked down normally open accesses in OS X, users should find that Apple's new OS is every bit as secure as the old Mac OS. Still Apple does have to be more vigilant because of the multi-user nature of UNIX, and because it has to maintain a certain level of ease-of-use, which can cause problems such as the Software Update hole. It is good to see that Apple responds to these problems quickly and efficiently, which should do a lot to calm any potential worries over OS X's security.

Recent Headlines - Updated July 28th

Mon,7:56 PM
Blockchain.info Brings Bitcoin Wallet App Back to App Store
6:56 PM
‘Another One Bites The Dust’ Played Using Disk Drives
5:57 PM
Lord & Taylor, Hudson’s Bay Company Deploy iBeacons in Stores
5:18 PM
The Mac Mastery Training Bundle: $29
4:39 PM
Hilton to Turn Your iPhone into Your Hotel Room Key
3:55 PM
OS X Yosemite: What Does That Little Green Button do NOW?
2:02 PM
TMO Daily Observations: 2014-07-28
10:55 AM
Apple Ready to Buy Swell Talk Show App in $30M Deal
10:09 AM
Report Claims Retina MacBook Pro Speed Bump Coming Tuesday
9:04 AM
EU Greenlights Apple’s Beats Acquisition
Fri,9:03 PM
3 Free iOS Apps To Help You Find Something To Watch
8:57 PM
9 Swift Resources for iOS 8 Developers
  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Apple Weekly Report
  • TMO on Twitter!