The Mac Observer

Skip navigational links

You're viewing an article in TMO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site:
Apple Releases Security Update For Software Update Hole

Apple Releases Security Update For Software Update Hole

by , 7:00 AM EDT, July 15th, 2002

Earlier this month Russell Harding of the University of Colorado released an advisory which said that Apple's Software Update client is a security hole through which hackers may sneak malicious code into your OS X running Mac. Apple has quickly responded to the alert, and released an update to the Software Update client late Friday that addresses the problem. From Apple:

Security Update 7-12-02 increases the security of the Software Update process for systems with Software Update client 1.4.5 or earlier. Packages presented via the Software Update mechanism are now cryptographically signed, and the new Software Update client 1.4.6 checks for a valid signature before installing new packages. Downloaded packages which do not contain a valid signature are deleted from the system.

Security Update 7-12-02 may be obtained via the Download link on this page (requires Mac OS X 10.1 or later) and will be available soon through the Software Update pane in System Preferences (requires 10.1.1 or later).

We highly recommend that to download the Security Update 7-12-02, which can be found at Apple's Knowledge Base site, Version Tracker, and, interestingly enough, through Software Update via Apple/System Preference in OS X.

The Mac Observer Spin:

Kudos to Apple for being so quick on releasing this patch. It took about 4 days for the company to release the patch after the exploit was found. Big Redmond might want to take notes...

When the news of this particular security hole broke Apple's reputation took a hit. Some of the more ill-informed believed that this problem proved that OS X was not as secure as it was believed to be. The reasoning behind such beliefs are simple, but misleading: if one can load an application on your computer which, when ran, compromises the computer, then there is no security. The reality is that anytime you download software from the Internet you run the risk of getting malicious code, regardless of the OS.

Macs have been historically free of viruses and such, with one of the biggest reasons for this being that there were comparatively few of them. Virus writers wanted to inflict the most amount of damage with the least amount of work, so Microsoft has usually been their target. Oh, and there's the little fact that Microsoft has paid no attention to security until recently, and has released some of the sloppiest code in the history of computing.

For Apple, the world of security for Apple is a different place. The FreeBSD core inside OS X is no less secure than any other UNIX variant, and because Apple has locked down normally open accesses in OS X, users should find that Apple's new OS is every bit as secure as the old Mac OS. Still Apple does have to be more vigilant because of the multi-user nature of UNIX, and because it has to maintain a certain level of ease-of-use, which can cause problems such as the Software Update hole. It is good to see that Apple responds to these problems quickly and efficiently, which should do a lot to calm any potential worries over OS X's security.

Recent Headlines - Updated October 22nd

Tue,8:51 PM
GTAT Announces ‘Amicable Parting’ of Ways with Apple
6:50 PM
How I Came to Own and Sell a TAM Probably Owned by Jony Ive
5:01 PM
Adobe KnowHow: Learn Photography From The Best for $29.99
4:49 PM
How To Get Ready For iOS 8.1 [Update]
2:59 PM
Chuck La Tournous and Chris Breen to Speak at NJMUG’s 30th Anniversary Tuesday
2:24 PM
Don’t Upgrade to Yosemite or iOS 8.1 Before You Read This Column
2:06 PM
TMO Daily Observations: 2014-10-21
12:29 PM
How Apple Pay Mitigates Breach Fatigue
10:50 AM
How to Enable Apple’s SMS Relay on your Mac or iPad
9:43 AM
Apple Earnings Smackdown Ranks Analyst Predictions
Mon,9:52 PM
Apple Q4 Earnings Sliced And Diced
8:21 PM
Apple Q4 MacBook Sales Hit Record Breaking Numbers, Jump 25 Percent
  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Apple Weekly Report
  • TMO on Twitter!