Microsoft Releases Office 2004 11.5.5, Office 2008 12.1.9 and Open XML Converter 1.0.3 Updates

Posted by:
Date: Wednesday, June 10th, 2009, 09:47
Category: Software

microsoftlogo.jpg
On Tuesday, Microsoft released updates for both its Office 2004 and Office 2008 suites for the Mac.
Microsoft Office 2004 version 11.5.5, a 59.2 megabyte download through the AutoUpdate program, offers stability and performance fixes and repairs a vulnerability in which an outside party could insert malicious code.
The program requires Mac OS X 10.2.8 or later to install and run.
The company also released Microsoft Office 2008 12.1.9, a 267.7 megabyte download through the AutoUpdate program that offers improvements to enhance security, stability, and performance, including fixes for vulnerabilities that an attacker can use to overwrite the contents of your computer’s memory with malicious code.
Microsoft Office 2008 requires Mac OS X 10.4 or later to install and run.
Finally, the company released Open XML Converter 1.0.3, the latest version of its XML file translation application. The new version, a 44.8 megabyte download, also improves security and prevents malicious code from being activated on your computer. The update can also be installed via the Microsoft AutoUpdate application.
Open XML Converter 1.0.3 requires Mac OS X 10.4 or later to install and run.

Adobe Reader Updated to 9.1.2

Posted by:
Date: Wednesday, June 10th, 2009, 09:59
Category: Software

readericon.jpg
On Tuesday, Adobe released version 9.1.2 of its free Reader program. The program, which has long been a staple for viewing and printing Portable Document Format (PDF) files, addresses a number of customer workflow issues and critical security vulnerabilities.
Adobe Reader 9.1.2 requires Mac OS X 10.4 or later to run and its download file size varies depending on version chosen. The update can also be snagged and installed via the “Check for Updates Online” option, which can be pulled down from Adobe Reader’s Help menu.

Apple Releases AirPort Utility 5.4.2

Posted by:
Date: Thursday, June 4th, 2009, 08:43
Category: Software

airportupdate.jpg
Late Wednesday, Apple released version 5.4.2 of its AirPort Utility application for Mac OS X. The new version, a 16.9 megabyte download, provides the following fixes and changes:

  • An issue causing AirPort Utility to be unable to read certain AirPort wireless device configurations.
  • An issue causing AirPort Utility to sometimes be unable to discover an AirPort wireless device when Back To My Mac is enabled.
  • An issue causing AirPort Utility to sometimes be unable to download firmware.
  • An issue causing AirPort Utility to not correctly import Access Control Lists created in AirPort Admin Utility 4.x
  • Added the ability in AirPort Utility to show all wireless passwords in the “Equivalent Network Password” sheet.
  • AirPort Utility 5.4.2 requires Mac OS X 10.4 or later to install and run.

    Apple Releases QuickTime 7.6.2 Update

    Posted by:
    Date: Tuesday, June 2nd, 2009, 07:09
    Category: Software

    quicktimelogo.jpg
    On Monday, Apple released the latest version of QuickTime, its multimedia support system for Mac OS X and Windows. The new version, known as QuickTime 7.6.2, is available as a variably-sized download (depending on version chosen through the download page), improves reliability, application compatibility and addresses security issues.
    The update requires Mac OS X 10.4 or later to install and run and can be located and snagged via Mac OS X’s built-in Software Update feature.

    Intego Warns of Unrepaired Security Vulnerability in Mac OS X

    Posted by:
    Date: Thursday, May 21st, 2009, 08:48
    Category: Software

    applelogo1.jpg
    Security firm Intego has warned that a critical security vulnerability within the current version of Java has gone unrepaired for months and may place Mac OS X users at risk.
    According to the company’s web site, the current version of Java incorporates a serious flaw that could allow local code on a user’s Mac to be executed remotely.
    “This can lead to ‘drive-by attacks,’ where users are attacked simply by visiting a malicious web site and loading a web page,” the firm said.
    The exploit could allow a third-party to execute code, access or delete files, or run applications on the compromised machine. Combined with other exploits, outside parties could even potentially run system-level processes and gain total access over the affected Mac.
    Given that the vulnerability relies solely on Java, no native code is required to execute the flaw, which theoretically exists in all browsers on all platforms that have not been patched. This is the case with Mac OS X 10.5.7 and earlier, meaning the vulnerability affects even the update released just a week ago.
    The firm claims that Apple has been aware of the exploit for at least five months, when it was publicly disclosed and fixed by Sun, but has yet to issue a security patch. The exploit was first discovered by Landon Fuller, who has released a proof of concept via his blog that outlines the security hole.
    Intego has stated that it has not found any malicious applets in the wild thus far, but the publicity around this vulnerability may entice hackers to target the exploit before Apple issues a security update. The firm’s VirusBarrier X5 already blocks potential malware but unless users are sure they trust the site they’re viewing, simply disabling Java in the browser may provide the best protection while Apple works on a fix.
    To disable Java, launch Safari, choose Safari > Preferences, click the Security tab, and uncheck “Enable Java” if it is checked. In Firefox, this setting is found on the Content tab of the program’s preferences. It is safe to leave JavaScript activated, since the vulnerability only affects Java applets.

    Apple Releases Mac OS X 10.5.7 Update

    Posted by:
    Date: Wednesday, May 13th, 2009, 09:32
    Category: Software

    applelogo1.jpg
    After months of anticipation, Apple has released Mac OS X 10.5.7, the latest update for its Leopard operating system. According to Macworld, the update includes more than 20 major updates as well as security fixes.
    Included within the fixes are additional RAW image support for third-party digital cameras, improved performance of video playback for recent Macs with Nvidia graphics chips, and resolution for an issue with the Dvorak keyboard layout in 10.5.6.
    The update also features fixes to help resolve third-party network services such as improved reliability in syncing contacts with Yahoo and a fix for issues that could occur when logging into Google’s Gmail. The update also improves the reliability and accuracy of several of OS X’s Dashboard widgets, like Unit Converter, Weather, Stocks, and Movies.
    Apple-specific fixes within the update include improved reliability for iCal’s CalDav, better syncing with MobileMe, improved Notes syncing within Apple Mail and a bug fix where Apple Mail’s BCC field populated incorrectly in certain cases. Apple also improved consistency with Parental Controls and fixed a bug with the system when using full-screen games and Fast User Switching, and also fixed several printing issues, including adding the ability for non-admin users to add and remove printers.
    Other fixes include a number of security fixes in the update for the Apache Web server, PHP, CoreGraphics, as well as patches for three separate vulnerabilities discovered as part of Tipping Point’s Zero Day Initiative, which appear to be the same ones demonstrated at the CanSecWest security conference last March. The fixes address issues in Apple Type Services, QuickDraw Manager, and WebKit, each of which could lead to arbitrary code execution.
    Apple also released Mac OS X Server 10.5.7 Update, which rolls out fixes for a number of systems, including Client Management, Directory Services, AFP Server, System Image Utility, and more. The update also includes improved kernel stability and a number of security enhancements which had not been detailed at this writing.
    The Mac OS X 10.5.7 update is available via Mac OS X’s built-in Software Update feature and is recommended for all users running Mac OS X Leopard. A combo updater, weighing in at a hefty 729MB download, is also available for those upgrading from versions of Leopard previous to 10.5.6.
    Finally, if you’ve installed Mac OS X 10.5.7 and have any feedback, positive or negative to offer about it, let us know and we’ll see that it’s published by Friday.

    Mozilla Releases Firefox 3.0.10 Update

    Posted by:
    Date: Tuesday, April 28th, 2009, 07:17
    Category: Software

    firefox.jpg
    Early Tuesday, Mozilla.org released version 3.0.10 of its Firefox web browser.
    The new version, a 17.3 megabyte download, sports the following fixes and changes:

  • Fixed a security issue.
  • Fixed a major stability issue.
  • The program requires Mac OS X 10.4 or later to install and run.

    (more…)

    Mozilla Releases Firefox 3.0.9 Update

    Posted by:
    Date: Wednesday, April 22nd, 2009, 08:02
    Category: Software

    firefox.jpg
    Early Wednesday, Mozilla.org released version 3.0.9 of its Firefox web browser.
    The new browser, a 17.3 megabyte download, sports the following fixes and changes:

  • Fixed several security issues.
  • Fixed several stability issues.
  • Many users experienced an issue where a corrupt local database caused Firefox to “lose” its stored cookies. (bug 470578)
  • Fixed an issue where, starting with Firefox 3.0.7, inline image attachments on popular webmail services (like AOL and AIM) would not display. (bug 482659)
  • Large forms would sometimes take a long time to submit. (bug 426991)
  • In certain cases, new windows would not have proper focus. (bug 446568)
  • The program requires Mac OS X 10.4 or later to install and run.

    Mac Hacker Charlie Miller Locations Additional Security Hole in iPhone

    Posted by:
    Date: Friday, April 17th, 2009, 07:33
    Category: iPod, security

    3giphone.jpg
    Mac hacker Charlie Miller, a principal security analyst at Independent Security Evaluators and the winner of the the CanSecWest security conference hacking contest two years straight, has detailed his latest find wherein he was able to run shellcode on an iPhone.
    According to Macworld UK, it was widely believed by many security researchers that it wasn’t possible to run shellcode on an iPhone. Shellcode is code that can run from a command line, but the iPhone was thought not to allow it for security reasons.
    If pulled off correctly, shellcode allows users to perform malicious actions such as gaining access to a users text messages or call history from a remote location.
    Earlier versions of the iPhone OS firmware didn’t have many protections to prevent people from tampering with its memory to run other commands, Miller said. But the latest version of the iPhone’s software strengthened the overall security of the phone, Miller said.
    In his report, Miller detailed how he was able to trick the iPhone into running code which then enabled shellcode. To pull this off, Miller said he needed to have a working exploit for an iPhone and a means of targeting a vulnerability in the software such as the Safari web browser or the iPhone’s operating system.
    Miller said he doesn’t have one now but stated that if someone did, “this would allow you to run whatever code you want,” Miller said in an interview after his presentation.
    In 2007 Miller and some of his colleagues did find a vulnerability in mobile Safari that would allow an attacker to control the iPhone. Apple was immediately notified and later issued a patch for the problem.
    Miller said he isn’t sure if Apple is aware of the latest issue and stopped short of calling the problem a vulnerability, saying instead that Apple engineers may have overlooked the issue. Apple also has never come out publicly and said it is impossible to run shellcode on an iPhone, he said.

    (more…)

    Microsoft Releases Office 2004 11.5.4, Office 2008 12.1.7 Updates

    Posted by:
    Date: Wednesday, April 15th, 2009, 07:17
    Category: Software

    microsoftlogo.jpg
    On Tuesday, Microsoft released updates for both its Office 2004 and Office 2008 suites for the Mac.
    Microsoft Office 2004 version 11.5.4, a 9.7 megabyte download through the AutoUpdate program, offers stability and performance fixes and repairs a vulnerability in which an outside party could insert malicious code.
    The program requires Mac OS X 10.2.8 or later to install and run.
    The company also released Microsoft Office 2008 12.1.7, a 267.7 megabyte download through the AutoUpdate program that offers improvements to enhance security, stability, and performance, including fixes for vulnerabilities that an attacker can use to overwrite the contents of your computer’s memory with malicious code.
    Additional details regarding the update can be found here.
    Microsoft Office 2008 requires Mac OS X 10.4 or later to install and run.

    (more…)