Cocktail updated to 5.3

Posted by:
Date: Thursday, May 10th, 2012, 12:09
Category: News, Software

cocktaillogo.jpg

On Thursday, shareware developer Maintain released version 5.3 of CocktailCocktail (Lion Edition), the popular shareware utility program that allows for additional Mac OS X system tests. The new version, a 3 megabyte download, adds the following fixes and features:

- Added ability to clear DNS cache.

- Added ability to modify the delay for auto-show of the Dock (Interface – Dock).

- Added “Enable half-star ratings” iTunes setting (Interface – Misc).

- Added “Enable pop-up notifications in the Dock” iTunes setting (Interface – Misc).

- Added OS X 10.7.4 compatibility.

- Fixed compatibility issues with Adobe Creative Suite 6.

- Minor improvements to the scheduler.

- Updated Automator actions.

Cocktail 5.3 retails for a US$19.00 shareware registration fee and requires Mac OS X 10.7 or later to install and run.

Safari 5.1.7 nixes outdated Flash versions, focuses on security-based issues

Posted by:
Date: Thursday, May 10th, 2012, 06:32
Category: News, security, Software

safarilogo.jpg

When in doubt, go with the update.

Per AppleInsider, Apple on Wednesday released an update to its Safari web browser that automatically disables old versions of Adobe’s Flash Player as they don’t have the most up-do-date security features.

After pushing out OS X Lion 10.7.4 which included Safari version 5.1.6, Apple rolled out a separate update for the browser that can be downloaded by Mac OS X 10.7.3, Mac OS X 10.7.4 and Windows users.

According to the Safari 5.1.7 support page, the update is meant to disable older versions of Flash that pose a security risk as they lack the latest vulnerability patches.

Safari 5.1.7 will scan a Mac’s Flash assets for out-of-date software, disable it if found and inform the user via a dialog box. A link to Adobe’s website is integrated into the dialog so that users can easily locate and install the most current Flash Player.

If users need to roll back to a previous version of Flash, they must navigate to the “/Library/Internet Plug-Ins (Disabled)” folder on their Mac, drag “Flash Player.plugin” into the active “/Library/Internet Plug-Ins” folder and restart the browser.

Apple has become increasingly leery about third-party applications, perhaps due to the recent Flashback malware debacle that affected more than 600,000 Macs worldwide. One of the trojan’s first iterations was discovered in 2011 when it disguised itself as a Flash Installer, though the exploit had nothing to do with Adobe’s software.

Most recently, Apple released a Java update to cope with Flashback and even created a dedicated removal tool for those Mac owners who didn’t already have Java installed on their computers.

The Safari update comes in at 44.98MB download and can be acquired via Mac OS X’s Software Update feature.

Stay tuned for additional details as they become available.

Apple releases Security Update 2012-002 for Mac OS X 10.6 operating systems

Posted by:
Date: Thursday, May 10th, 2012, 06:23
Category: News, security, Software

snowleopard

Amidst yesterday’s update-o-rama, the Mac OS X 10.6 side of things received some attention as well.

On Wednesday, Apple released Security Update 2012-002, a patch designed to take care of the following security details highlighted here.

The update, which is designed for both Mac OS X 10.6 Client and Mac OS X 10.6 Server, weighs in as a 239 megabyte download and can also be located and installed via Mac OS X’s Software Update feature.

Security Update 2012-002 requires Mac OS X 10.6.8 or later to install and run.

Apple releases Safari 5.1.7 update

Posted by:
Date: Wednesday, May 9th, 2012, 14:59
Category: News, Software

safarilogo.jpg

On Wednesday, Apple released Safari 5.1.7, an update to its web browser. The new version, a 45 megabyte download, includes the following fixes and new features:

- Improve the browser’s responsiveness when the system is low on memory.

- Fix an issue that could prevent webpages from responding after using a pinch to zoom gesture.

- Fix an issue that could affect websites using forms to authenticate users.

- Disable versions of Adobe Flash Player that do not include the latest security updates and provide the option to get the current version from Adobe’s website.

Safari 5.1.7 requires an Intel-based Mac running Mac OS X 10.7.3 or later to install and run. If you’ve tried the new version and have any feedback to offer, please let us know.

Apple releases Mac OS X 10.7.4 update

Posted by:
Date: Wednesday, May 9th, 2012, 14:09
Category: News, Software

You’ve been hankering for this.

Late Wednesday, Apple released its Mac OS X 10.7.4 update. The update, a 693 megabyte download, offers the following fixes and changes:

- Resolve an issue in which the “Reopen windows when logging back in” setting is always enabled.

- Improve compatibility with certain British third-party USB keyboards.

- Addresses permission issues that may be caused if you use the Get Info inspector function “Apply to enclosed items…” on your home directory. For more information, see this article.

- Improve Internet sharing of PPPoE connections.

- Improve using a proxy auto-configuration (PAC) file.

- Address an issue that may prevent files from being saved to an SMB server.

- Improve printing to an SMB print queue.

- Improve performance when connecting to a WebDAV server.

- Enable automatic login for NIS accounts.

- Include RAW image compatibility for additional digital cameras.

- Improve the reliability of binding and logging into Active Directory accounts.

- The OS X Lion v10.7.4 Update includes Safari 5.1.6, which contains stability improvements.

The Mac OS X 10.7.4 updater requires an Intel-based Mac running Mac OS x 10.7 or later.

If you’ve tried the new operating system and have any feedback to offer, please let us know in the comments.

Security companies estimate that Flashback infection rate is remaining steady, advise users to run update/malware removal tools

Posted by:
Date: Wednesday, May 9th, 2012, 06:18
Category: News, security, Software

Ok, guys, it’s time to update your Mac and help bring down the Flashback trojan malware infection rate.

Per CNET, following an effort to estimate how many Macs remain infected with the Flashback malware, the data from these monitoring efforts have suggested that despite early reports of the malware levels sinking rapidly from efforts by Apple, news organizations, and anti-malware companies, the levels of infections appears to be remaining constant.

The spread Flashback malware was facilitated by a neglected security hole in Apple’s Java runtime for OS X, and at its peak had infected around one percent of Mac systems. To tackle the spread of the malware, initially news organizations covered methods for manually removing the malware, followed by security companies issuing malware removal tools to facilitate this process. Apple then released a series of Java updates to close the vulnerability and also scan for and remove known instances of the malware.

During the time of these infections, security companies set up sinkhole servers and other techniques to monitor the network traffic from the Flashback infections, and determine how many unique computers had been infected with the malware. Following the peak of the malware infection on August 6, initial reports from the anti-malware efforts suggested the infection rates had dropped significantly, with the number of infected Macs decreasing to a reported low of 30,000 in 10 days. However, despite these claims the malware has remained active, and adjustments have had to be made to these numbers.

Following the reports of success at tackling the malware, security company Dr. Web revealed errors in the malware estimation calculations and suggested that the number of infected systems was in fact much higher. Security companies followed this news with more conservative estimates that suggested a more shallow fall in the malware, to an estimated 140,000 systems in late April.

Despite the higher numbers, the number of malware infections did fall from its peak, though while some have hoped the number to fall far lower, the malware appears to have fallen to a revolving infection rate of just over 100,000 Mac systems. In a new report by Intego, the company claims that in the past week it has observed the following numbers from its sinkhole operation:

04/30/2012 – 102,769 infected Macs

05/01/2012 – 96,948 infected Macs

05/02/2012 – 103,779 infected Macs

05/03/2012 – 121,826 infected Macs

05/04/2012 – 102,375 infected Macs

05/05/2012 – 118,593 infected Macs

05/06/2012 – 113,909 infected Macs

Intego notes that these numbers are only the active infections it monitors on a day-to-day basis, and is not the total number of Macs infected. The malware is only active when a user logs in and thereby suggests that this activity difference reflects a steady state variance in when people are using their Macs, which will revolve as Macs are used more in some parts of the world than at others. Therefore the total number of infected systems will likely be much higher at around the 140,000 of previous recent estimates.

Intego has further noted that despite the initial impact in the malware’s activity by community efforts, the numbers appear to no longer be declining and show indications that they may even be increasing. Intego speculates the reason for this is that a small percentage of users have not taken any effort to either update their systems, but it may be more than just updating. Apple has only offered updates and malware removal options for OS X 10.6 and above (its supported versions). However, this malware will infect systems with older versions of OS X, so even if the older versions have been kept up to date, they will be left vulnerable without Apple issuing a proper Java fix. Not only can they still contain the malware, but they also will be subject to new infections by any of its variants.

In short, if you have a Mac running Mac OS X 10.6 or later, please update the Java updates via Mac OS X’s built-in Software Update feature. And for Apple, well, a Flashback removal update for Mac OS X versions previous to Mac OS X 10.6 or later wouldn’t hurt…

Rumor: AppleCare training schedule now pointing towards June launch of Mac OS X 10.8 (Mountain Lion)

Posted by:
Date: Wednesday, May 9th, 2012, 05:30
Category: Rumor, Software

No one ever said it was easy to keep a secret.

Per AppleInsider, the EMEA (Europe, Middle East and Africa) division of AppleCare is allegedly hiring and training new staff on certain aspects of Apple’s upcoming OS X 10.8 Mountain Lion, possibly hinting that a release date is soon to arrive.

According to an unnamed source familiar with the matter, AppleCare EMEA is hiring a number of new employees who will serve as customer support for the new operating system that has yet to receive an official launch date.

The source went on to say that Mountain Lion may be just a few weeks from launch as internal training recently commenced regarding certain facets of the operating system. Apple usually restricts the operating window of support staff training to a minimum before large product release presumably to avoid leaks.

Though purely speculation, the training could point to a OS X 10.8 debut at WWDC 2012 which is scheduled to take place from June 11 to June 15.

OS X 10.8 Mountain Lion was announced on Feb. 16 with an expected release date of summer 2012. Beyond the basic information provided on Apple’s website, developer previews have revealed that the new OS will offer a bevy of new features like Messages and more comprehensive integration with iCloud that will further blur the line between OS X and iOS.

Stay tuned for additional details as they become available.

Microsoft releases Office 2011 14.2.2, Microsoft Office 2008 12.3.3 updates for Mac

Posted by:
Date: Tuesday, May 8th, 2012, 12:14
Category: News, Software

On Tuesday, Microsoft released its Microsoft Office 2011 14.2.2 update. The update, a 110 megabyte download, adds the following fixes and features:

- This update includes fixes for vulnerabilities that an attacker can use to overwrite the contents of your computer’s memory with malicious code.

Microsoft Office 2011 14.2.2 requires an Intel-based Mac running Mac OS X 10.5.8 or later to install and run and for the Service Pack 1 updater to have been previously installed.

The company also released version 12.3.3 of its Microsoft Office 2008 suite for Mac. The update, a 217.9 megabyte download, offers the following fixes and features:

- The update includes fixes for vulnerabilities that an attacker can use to overwrite the contents of your computer’s memory with malicious code.

Microsoft Office 2008 12.3.3 requires Mac OS X 10.4.9 or later to install and run.

If you’ve tried the update and have anything to report back, let us know.

Apple signs iPhone 4, 4S, deals with three additional regional U.S. carriers, announces May 18th launch date

Posted by:
Date: Tuesday, May 8th, 2012, 12:21
Category: iPhone, News

If you were hoping for additional regional suppliers for the iPhone 4S, you’re in luck.

Per AppleInsider, Apple has finished several deals with smaller regional carriers in the U.S., as Kentucky’s Bluegrass Cellular, California’s Golden State Cellular, and Kansas’ Nex-Tech Wireless will begin offering the iPhone 4S on May 18.

The iPhone 4S will be available starting at US$149 for the 16-gigabyte model, US$249 for the 32-gigabyte model, and US$349 for the 64-gigabyte capacity. Those prices are US$50 cheaper than with the three major carriers in the U.S.

In addition, all three carriers will also offer Apple’s previous-generation 8-gigabyte iPhone 4 for US$49. Customers can pre-register for their purchase today.

The three carriers’ networks are based on the same CDMA wireless standard used by major U.S. carriers Verizon and Sprint. Bluegrass Cellular is headquartered in Elizabethtown, Ken., Golden State Cellular is based out of Jamestown, Calif., and Nex-Tech operates out of Hays, Kan.

A month ago, a total of five carriers announced they had signed a deal with Apple. Alaska Communications, Appalachian Wireless, Cellcom, GCI and nTelos all began selling the iPhone 4S and iPhone 4 on April 20.

Apple began expanding availability of the iPhone to smaller, regional carriers last October when a deal with C Spire Wireless was announced. That carrier has about 900,000 customers.

Only one of the four major U.S. carriers — T-Mobile — does not currently offer the iPhone, because of technical limitations. But that could change as soon as the end of this year, as the carrier plans to modify its network to allow compatibility with the iPhone’s HSPA+ wireless antenna for high-speed data.

Stay tuned for additional details as they become available.

Security hole found in FileVault under Mac OS X 10.7.3

Posted by:
Date: Tuesday, May 8th, 2012, 06:04
Category: News, security, Software

Ok, this isn’t the best news in the world…

Per Crytome, Apple’s legacy FileVault Mac encryption system in OS X 10.7.3 has a security flaw that could allow malicious users to access stored passwords. According to the post, the issue only applies in specific configurations to users who have updated to OS X 10.7.3, in which a system-wide debug file that displays login passwords in plain text is created.

“Thus anyone who can read files accessible to group admin can discover the login passwords of any users of legacy (pre LION) Filevault home directories who have logged in since the upgrade to 10.7.3 in early February 2012,” Emery explained.

The login data can also be viewed by booting a Mac into FireWire disk mode and reading it by opening the drive as a disk. The information can also be accessed by booting the Lion recovery partition and using the available superuser shell to mount the main file system partition.

Users can protect themselves from these methods by using the whole disk encryption capabilities of FileVault 2. Emery explained that this requires that a user know at least one login password before they can access the main partition of the disk.

Further protection can be achieved by setting a firmware password that must be supplied before a user can boot the recover partition or external media, or enter firewire disk mode.

“Having the password logged in the clear in an admin readable file *COMPLETELY* breaks a security model — not uncommon in families — where different users of a particular machine are isolated from each other and cannot access each others’ files or login as each other with some degree of assurance of security,” Emery wrote.

The bug was introduced with Apple’s OS X 10.7.3 update, which was issued in early February. The latest version of Lion came with Wi-Fi connectivity fixes and Windows file sharing compatibility.

Stay tuned for additional details as they become available.