iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > News > Security News > Apple Patching Holes
Search:
[ news_security_news ]

Apple Patching Holes



John Stith
Staff Writer
2005-11-01

SecurityProNews: Insider Reports Insider Reports RSS Feed


Apple posted their 10.4.3 update, patching a number of holes in their product. Five problems were found at various points in Apple's OS X. The patch is available for download now from their Apple Downloads section or the Software Update section.

The five sections included the Finder, the Software Update, memberd, Keychain and Kernel. The Finder update addresses an issue about file and group ownership information displayed in the "Finder Get Info" window not being correct. This will synchronize the displayed ownership with the actual ownership in all situations.

The Software Update has a setting allowing users to ignore specific updates. If all the updates have been marked, the program will exit with out providing a reset option. This update addresses the issue by asking whether the ignored updates list should be reset when this situation is encountered.

The memberd affects changes to a group's membership. In certain situations, changes may not be immediately reflected in access control checks. This could let people who've been removed still have access to files and other resources. The update will invalidate the group membership cache at appropriate times.

Keychain Access is a utility used to view keychain items and change keychain settings. If a keychain locks due to a timeout while viewing a stored password, the password remains visible. This update hides the passwords when the keychains do lock.

Finally, certain kernel interfaces may return data that includes sensitive information in uninitialized memory. Feeling this would be bad, Apple chose to fix this as well.

All of the fixes only work with OS X 4 or later except the kernel issue. It's for 10.4.2 or earlier. This one would be worthwhile to add. Apple doesn't release these all that often but when they do, they're important.


About the Author:
John is a staff writer for SecurityProNews covering cyber security.

More news_security_news Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - $line) { echo $line ; } ?> All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds