Spam Chronicles» vulnerability http://www.spamchronicles.com Chronicling My Spam Explorations Wed, 12 Sep 2007 02:11:20 +0000 en hourly 1 http://wordpress.org/?v=3.0 OSX Security Update 2007-007 http://www.spamchronicles.com/2007/07/31/osx-security-update-2007-007/ http://www.spamchronicles.com/2007/07/31/osx-security-update-2007-007/#comments Wed, 01 Aug 2007 02:32:39 +0000 ray http://www.spamchronicles.com/security-vulnerability/osx-security-update-2007-007/ OS X Security Update 2007-007Apple almost made it through the month of July without an operating system security update which would have been a first for the year. But OS X Security Update 2007-007 was released on the last day of the month.

Thirteen components are updated. Click the thumbnail to see the component list or visit the Apple Support Page for the complete details. Of special note is the Samba vulnerability that Apple has finally patched. Samba is an open source windows file sharing application that is bundled with OS X. A critical vulnerability was found in late may and almost immediately patched by the Samba team. Apple has released several security updates since then but none have included the Samba patch, until now. Samba is off by default but is enabled when turning on Windows sharing in System Preference -> Sharing.

The update is for both Intel and PPC based Macs running OS X 10.3.9 or OS X 10.4.10 including the standard OS and the Server OS. It’s available through Apple’s built-in software update service or as a standalone download. A computer restart is needed after applying the patch.

Apple also released Airport Extreme Update 2007-004. Details are lacking and Apple’s only comment is:

This update is recommended for all Intel-based MacBook, MacBook Pro, and Mac mini computers and improves the reliability of AirPort connections.

]]> http://www.spamchronicles.com/2007/07/31/osx-security-update-2007-007/feed/ 0 Adobe Patches Flash Player http://www.spamchronicles.com/2007/07/12/adobe-patches-flash-player/ http://www.spamchronicles.com/2007/07/12/adobe-patches-flash-player/#comments Thu, 12 Jul 2007 16:07:01 +0000 ray http://www.spamchronicles.com/security-vulnerability/adobe-patches-flash-player/ MS Security AlertAdobe has issued an update to Flash Player (formerly known as Macromedia Flash Player) that patches several serious security vulnerabilities. The latest version is Flash Player 9.0.47.0 They’ve also updated the older version 7 to version 7.0.70.0.

The patch may be installed through the auto update feature of Flash Player or you can visit the About Flash Player page to see what version you have installed and download the update. You can also go directly to the Adobe Flash Player download page. If you run Flash under multiple browsers you’ll have to update the player for each browser. You’ll need to close all browser windows during the installation. The update is for Flash Player on both Windows and OS X.

]]> http://www.spamchronicles.com/2007/07/12/adobe-patches-flash-player/feed/ 0 Apple Adds to Patch Tuesday http://www.spamchronicles.com/2007/07/11/apple-adds-to-patch-tuesday/ http://www.spamchronicles.com/2007/07/11/apple-adds-to-patch-tuesday/#comments Thu, 12 Jul 2007 00:38:21 +0000 ray http://www.spamchronicles.com/security-vulnerability/apple-adds-to-patch-tuesday/ MS Security AlertApple joins the the Tuesday patch party and releases a security update for Quicktime along with a bugfix update for iTunes. The patches are for the software on both Windows and OS X.

The Quicktime update, to version 7.2 includes eight security vulnerability fixes some of which will allow code execution. It also includes updates to the H.264 codec, support for full screen viewing and “numerous bug fixes”. The update requires a reboot on both Mac and Windows.

The iTunes update brings iTunes to 7.3.1 and fixes a problem with iTunes 7.3 accessing the library. No other changes are documented.

Both patches are available through Apple software update or from the Apple download page.

]]> http://www.spamchronicles.com/2007/07/11/apple-adds-to-patch-tuesday/feed/ 0