Apple Preps Developers for Mac OS X 10.4.11 Update

Posted by:
Date: Wednesday, August 1st, 2007, 10:30
Category: Software

Late Tuesday, Apple began informing select developers that there will be at least one more maintenance update to Mac OS X 10.4 prior to the planned release of Mac OS X 10.5 this October.
According to AppleInsider, developers have yet to begin receiving the first pre-release seeds of the software version.
Sources close to the project have stated that an unresolved third-party webcam bug that arose with Mac OS X 10.4.10 may be targeted. The bug prevents third-party webcams from being detected as USB audio devices, thereby making them inaccessible as a USB audio device except when running under the Parallels Desktop for Mac virtualization software.
The webcam bug appears to only surface on Intel-based Macs. Apple has yet to comment on the issue or submit a fix for it.
Stay tuned for additional details as they emerge and if you’ve found problems or workarounds for bugs in Mac OS X 10.4.10, let us know in the forums.


iPhone Update 1.0.1 Released

Posted by:
Date: Wednesday, August 1st, 2007, 09:58
Category: iPhone

With the iPhone about a month into its product cycle, Apple has just released the first firmware update for the best-selling handset.
According to Gizmodo, the update, which is available through iTunes, makes the following changes and adds the following features:
Impact: Visiting a malicious website may allow cross-site scripting.
Description: Safari’s security model prevents JavaScript in remote web pages from modifying pages outside of their domain. A race condition in page updating combined with HTTP redirection may allow JavaScript from one page to modify a redirected page. This could allow cookies and pages to be read or arbitrarily modified. This update addresses the issue by correcting access control to window properties. Credit to Lawrence Lai, Stan Switzer, and Ed Rowe of Adobe Systems, Inc. for reporting this issue.
Impact: Viewing a maliciously crafted web page may lead to arbitrary code execution.
Description: Heap buffer overflows exist in the Perl Compatible Regular Expressions (PCRE) library used by the JavaScript engine in Safari. By enticing a user to visit a maliciously crafted web page, an attacker may trigger the issue, which may lead to arbitrary code execution. This update addresses the issue by performing additional validation of JavaScript regular expressions. Credit to Charlie Miller and Jake Honoroff of Independent Security Evaluators for reporting these issues.
Click the jump for the full story…


Apple Releases Security Update 2007 – 007

Posted by:
Date: Wednesday, August 1st, 2007, 08:13
Category: Software

On Tuesday, Apple released Security Update 2007 – 007, a collection of updates for the Mac OS X 10.3 (Panther) and Mac OS X 10.4 (Tiger) operating systems.
The update, which ranges between 14.2 megabytes and 63.3 megabytes depending on which version you download, applies security fixes to the following system components:
-Core Audio
-Quartz Composer
Security Update 2007 – 007 also incorporates the security fixes found in previous version of Apple’s security patches.
Users will need to have Mac OS X 10.3.9 installed for the update to be functional on the Mac OS X 10.3 operating system and Mac OS X 10.4.10 installed for the update to be functional on Mac OS X 10.4. The patch can be obtained through Mac OS X’s Software Update feature.
Given that this is a substantial update no matter how you slice it, any and all feedback would be appreciated. Let us know how the patch treats your computer over in the forums.


Apple Releases AirPort Extreme Update – 2007 – 004

Posted by:
Date: Wednesday, August 1st, 2007, 08:14
Category: Software

Late Tuesday, Apple released AirPort Extreme Update – 2007 – 004, a small update geared towards improving the reliability of wireless connections on the Intel-based MacBook and MacBook Pro laptops as well as the Mac Mini desktops.
The update is a 745 kilobyte download and requires Mac OS X 10.4 or later to run.
Users can also find the patch through Mac OS X’s Software Update feature.
If you’ve tried the update and had either a positive or negative experience with it, let us know in the forums.