The Mac Observer

Skip navigational links

Featured Article: Podcast - Apple Weekly Report #133: Apple's Stock Roller Coaster & Ballmer Bonanza

Apple Releases Mac OS X Security Patch Addressing 25 Issues

by , 6:45 PM EDT, April 19th, 2007

Apple released Security Update 2007-004 for Mac OS X 10.3.9 and Mac OS X 10.4.9. The update addresses some 25 different issues for 19 different Mac OS X components. All of them are issues that would have potentially allowed either arbitrary code execution or a bad guy to gain access to your Mac with "escalated privileges."

The patch notes from Apple:

Security Update 2007-004 is recommended for all users and improves the security of the following components:

  • AFP Client
  • AirPort
  • CarbonCore
  • diskdev_cmds
  • fetchmail
  • ftpd
  • gnutar
  • Help Viewer
  • HID Family
  • Installer
  • Kerberos
  • Libinfo
  • Login Window
  • network_cmds
  • SMB
  • System Configuration
  • URLMount
  • Video Conference
  • WebDAV

You can find detailed information on this patch at Apple's security site. The update weighs in at 10 MB.

Observer Comments

Show: Subjects Only | Full Comments
View Name:Guest
Subject:
Close Name:mahuti -   TMO Staff Posts: 371 Joined: 09 Jan 2003
Subject:

Quote
Guest wrote:
Remember when everyone was saying those vulnerabilities weren't even valid? Apple disagreed with you so much, they've been releasing security updates every month since then addressing these holes!


I agree with you 100%, and share your happy enthusiasm for such a great company. It really is amazing that Apple chooses to address even the most frivolous & minor security issues during the same quarter that the issues are raised, unlike some other non-security minded OS producers.

View Name:Guest
Subject:
Close Name:mahuti -   TMO Staff Posts: 371 Joined: 09 Jan 2003
Subject: *rolls eyes*

Oh mr. sillypants. I'm just funnin ya.

View Name:Guest
Subject:
Close Name:Sir Harry Flashman Posts: 750 Joined: 08 Feb 2007
Subject: Troll alert

Quote
Guest wrote:
haha, last week, OS X is the most secure OS in history, this week, 25 more security holes fixed. at least three of them are from MOAB back in January.

Remember when everyone was saying those vulnerabilities weren't even valid? Apple disagreed with you so much, they've been releasing security updates every month since then addressing these holes!

Close Name:LaurieF -   TMO Forum Mod Posts: 3528 Joined: 15 Jun 2001
Subject:

You know the old joke about arguing with trolls being like wrestling with a pig: you get dirty, and the pig enjoys it.

Just ignore the little bastards.

Close Name:Rainy Day Posts: 607 Joined: 07 Jun 2005
Subject: Pigs

Quote
LaurieF wrote:
You know the old joke about arguing with trolls being like wrestling with a pig: you get dirty, and the pig enjoys it.
“If you wrestle a pig, you only get dirty and the pig has all the fun.” -- Dharma Montgomery

Close Name:Sir Harry Flashman Posts: 750 Joined: 08 Feb 2007
Subject: Meanwhile back at the ranch

MicroSoft is having problems with a patch they issued early in April that has caused even more security problems. See http://www.microsoft.com/technet/security/Bulletin/MS07-017.mspx

Close Name:coaten Posts: 3021 Joined: 10 Oct 2001
Subject:

Quote
Anonymous wrote:
haha, last week, OS X is the most secure OS in history, this week, 25 more security holes fixed. at least three of them are from MOAB back in January.

Remember when everyone was saying those vulnerabilities weren't even valid? Apple disagreed with you so much, they've been releasing security updates every month since then addressing these holes!


OK, OK, hang on, hang. Let me get this right. You're saying that last week, or some last week, not actually last week because, like, you know, this week isn't the same week as the week this item was first posted, which means of course that last week is a kind of relative term or something. You know? Anyway, so the previous week of some previous week, OS X was the most secure OS in history, and then this week, which is as relative a term as the previous one, OS X has 25 less vulnerabilities than when it was the most secure OS in history.

So you're saying, what... that the term "infinity plus one" is a valid concept? Hmmm, so all those primary school taunts were actually meaningful. Like... somebody could throw a ball further than me infinity plus one times and that this feat was actually possible.

I think I need to review the meaning of superlatives, 'cos obviously I'm not grasping some basic tenents here that should be cleared up before I go any further in life believing that "most" and "ever" are two words that can co-exist in the same assertion as "25 more".

I'm such a dunce.

View Name:Guest
Subject:
Close Name:Sir Harry Flashman Posts: 750 Joined: 08 Feb 2007
Subject: WTF

Quote
Guest wrote:
Quote
Sir Harry Flashman wrote:
MicroSoft is having problems with a patch they issued early in April that has caused even more security problems. See http://www.microsoft.com/technet/security/Bulletin/MS07-017.mspx


that's funny, inferiority complex much? for some reason, whenever there is criticism of an Apple OS, Apple nuts are the first to bring up Microsoft, and then they spell the name wrong.


1. I did not misspell MicroSoft.

2. I merely pointed out the truth about MicroSoft's notorious security problems.

3. I do not have inferiority complex. If anything I feel superior about using OSX and Macs.

Close Name:Small White Car Posts: 1960 Joined: 02 Jul 2004
Subject:

Quote
Guest wrote:
haha, last week, OS X is the most secure OS in history, this week, 25 more security holes fixed


The fact that they fix problems is what MAKES it secure.

This isn't hard.

Close Name:Biff Posts: 1479 Joined: 08 Apr 2004
Subject:

Quote
Guest wrote:
that's funny, inferiority complex much? for some reason, whenever there is criticism of an Apple OS, Apple nuts are the first to bring up Microsoft, and then they spell the name wrong.
LOL. Which color did you say that kettle was?

View Name:Guest
Subject:
View Name:Guest
Subject:
View Name:Guest
Subject:
Close Name:Small White Car Posts: 1960 Joined: 02 Jul 2004
Subject:

Quote
Guest wrote:

The fact that it takes them over 3 months to fix publicly known vulnerabilities kind of makes it obvious that claiming to be the most secure OS is pure bloviating. You're right, it's not hard at all.


Oh, right. I forgot.

This is related to that report where Microsoft fixed 12 severe threats in 21 days while Apple fixed 1 their severe threat in 66 days.

Me? I'll take the system with 1 threat to start. That's a total of 66 days that 1 threat was a problem.

You'd prefer to have the equivalent of 252 threat-days (12x21) on your system.

That's fine if that's what YOU want, but you're never going to convince US that 252 days of threats is better than 66 days.

So what are you doing here?

View Name:Guest
Subject:
Close Name:Small White Car Posts: 1960 Joined: 02 Jul 2004
Subject:

Quote
Guest wrote:

Also, who cares about that report from before people started paying attention to Mac OS X


March of 2007 is too old to remember? I guess things do change quickly in this business.

Well, if March doesn't matter anymore I guess I can look forward to forgetting all about THIS news by May.

Quote
Guest wrote:
That math doesn't reflect reality. When a flaw is first discovered, there is no exploit running around. Exploit code, like all software, takes time to develop, test and deploy. The turn around time for a patch is what matters.


OH! I get it. It's the EXPLOIT that matters, not the proof. That's what you're saying?

I wasn't getting that before.

Now that I know, I feel a lot better since none of these things here have been exploited. So, really, it's like they don't matter at all, I guess.

Good to know!

View Name:Guest
Subject:
Close Name:LaurieF -   TMO Forum Mod Posts: 3528 Joined: 15 Jun 2001
Subject:

Cut out the FUD, troll. You're just here to bag Apple, but I can't let it go.

So there are eleventy-three potential flaws in the OS - who gives a stuff? How many have been taken advantage of - that is, how many Macs have actually been compromised? That's the figure I want to have identified by you, because the latest figure I have (apart from possibly fifty isolated iChat users) is zero.

View Name:Guest
Subject:
View Name:Guest
Subject:
Close Name:LaurieF -   TMO Forum Mod Posts: 3528 Joined: 15 Jun 2001
Subject:

I did not miss the point. I did not fall into any trap. You are a troll. You don't register, yet you, whoever you (plural) are, see fit to say whatever you like to show that the Mac's security is fatally flawed, and Apple's support is flawed. They aren't.

I can't prove that there haven't been any breakthroughs into my computers. However, I have sufficient proof to show that my security is at least adequate. All the Mac users I know are without any malware on their computers. (And before you say, "You can't possibly know that.", you're technically correct - but I'm talking about a level of confidence.)

Even without having hardware firewalls and virus checkers, the average Mac user retains a level of security that is way above average. How do I know? Empirical evidence shows it to be secure. I don't care that you say that this is a wrong conclusion to take - OS X has been around for over six years now, and despite all the potential holes, none have effectively been exploited.

So if Apple takes what you consider to be a long time to plug the holes, what of it? The holes are plugged, but in the meantime nothing gets through. Microsoft plugs its holes, you say, much more quickly. But its holes are exploited. Go and argue the latter point on a Microsoft advocacy board.

As I have said elsewhere, no-one has been shown to have broken into any Mac anywhere in the world without the (at least) carelessness of the user. No malware has ever been shown to have propagated through more than a handful (way less than a hundred) of computers.

If you were genuinely interested in Apple, and didn't come here to slag it off, you'd probably be here to read what others have written and at least partially digest it. Instead you vomit up your own misinterpretations, bile and misinformation.



Last edited by LaurieF on Sun Apr 22, 2007 7:03 am; edited 1 time in total
Reply | Quote
Close Name:DaiMac Posts: 952 Joined: 29 Jun 2001
Subject:

Quote
Anonymous wrote:
are you afriad?


Well, while Google had some interesting things to say as to what a Friad might be, I don't quite see what that has to do with visiting a page on Apple's website...

I'd also like to take this moment to thank Guest, Anonymous, and Seth McFarlane, without whom I wouldn't laugh nearly as often. The best thing is that while hardworking, creative people like Seth eventually get bored and/or die off, Anonymous and Guest posters saying stupid things from behind the safety of their cheap, nicotine-stained LCD screens is forever, even if one troll wises up and gets a life there will always be another to replace them.

It would almost be tragic if it weren't so damned funny

View Name:Guest
Subject:
View Name:Guest
Subject:
View Name:Guest
Subject:
Comment on this Article


You cannot edit your comments.   You cannot delete your comments.
Log in | Register | Having Problems? Reset TMO Cookies & Try Again
Username:   Password:   Log me on automatically each visit   

You are not logged in, and this post will appear as "Guest." Log in with your username and password from the TMO forums. If you do not have a username, you can register here.
Please note that guests are limited to including a maximum of two URLs per post.


Post A Comment
  Subject


  Your Comments



Please enter the word exactly as you see it in the image above. Registered users aren't prompted for this. Having trouble reading the image get a new one.


Recent Headlines - Updated Monday, October 6th, 2008

Mon., 4:20 PM
TMO Reports - Antitrust case Against Apple, AT&T To Proceed
2:25 PM
iPodObserver - kickBACK iPhone Clear Case Introduced with Kickstand
2:05 PM
AAPL Drops 8.4% Amidst Broader Tech Selloff
1:50 PM
9to5Mac: Apple's Brick is a New Manufacturing Process
1:30 PM
iPodObserver - NPD: A Third of iPhone 3G Buyers are Switchers
12:50 PM
Nick DePlume Resurfaces, Says Apple's Gone Soft on Rumors
10:30 AM
Hot Forum Topic - Has Apple Sold 10 Million iPhones?
9:55 AM
Dragoman 1.4 Gets German Localization
9:20 AM
Dream Capture 2.2 Adds H.264 Support
8:45 AM
Monday's Mac Gadget - Want Full Remote Control Action? Check Out Mira!
8:10 AM
SEC Launches Investigation in Jobs Heart Attack Rumor
7:30 AM
TMO Quick Tip - iCal: Finding Shared Calendars
 

The Mac Observer Reader Specials

  • Special Report: iPhone
  • __________
  • Help TMO Grow
  • Macworld Expo - Hotel Deal
  • Podcast: Mac Geek Gab
  • Podcast: Apple Weekly Report
  • TMO on Twitter!

Apple Stock Quote

  • AAPL: $98.14. Change Today: 0.00.
  • (Prices delayed up to 20 minutes.)
  • Discuss in our Apple Finance Board

Hot Topics

Apple iTunes

Top Deals From DealsOnTheWeb