OS X

Third Version of Tiger Fixes Security Flaws

Print Version
E-Mail Article
Reprints

By Susan B. Shor
MacNewsWorld
Part of the ECT News Network
11/02/05 1:30 PM PT

Overall, Apple says the update will increase system performance as well as improve compatibility with third-party software and Web cams. Apple also says its Safari Web browser now passes the Web Standards Project's Acid2 Browser Test, which insures that browsers support Web standards. As of yet, it is the only browser to do so.


Free WiFi Hotspot Locator from TechNewsWorld
Wondering where to find the nearest publicly available WiFi Internet access? Our global directory of more than 100,000 locations in 26 countries is a terrific tool for mobile computer users.

Apple's (Nasdaq: AAPL) Latest News about Apple third update to OS X, version 10.4.3, a 97 MB patch that contains 60 improvements to Tiger, includes five security fixes, but they were never much for Mac users to worry about, one analyst said.

"For the most part, they are all bugs that happen only under specific, relatively rare conditions; even then, the impact on the system is minor," Ed Moyle, president of SecurityCurve, told MacNewsWorld. "An attacker could not, for example, use these bugs to take over a system remotely or write a worm that infects Macintosh Latest News about Macintosh machines."

The Flaws

One flaw prevented software updates from properly installing critical fixes. Several other vulnerabilities in the kernel could have allowed local users to get to personal information. The other flaw could have caused Keychain, a utility that stores passwords, to instead display passwords that were supposed to be stored and locked.

Although Apple provides many fewer security patches than Microsoft (Nasdaq: MSFT) Latest News about Microsoft, which releases fixes through its monthly "Patch Tuesday" program, that does not necessarily mean that Macs are more secure or that this update has taken care of all potential problems.

"It's difficult to directly compare Apple with, for example, Microsoft from a patching perspective because Microsoft is more heavily used and therefore is a more attractive target amongst the vulnerability research community," Moyle said. "As such, there are more vulnerabilities discovered in the Microsoft world than in the OS X world."

Where the Users Are

More attacks are aimed at PCs simply because more users would be affected, he said.

"If malware authors are going to spend the time writing an attack program, they are usually going to target the platform where they are going to get the biggest bang for their buck," Moyle said. "The biggest bang is not going to be found in OS X, since there are comparatively fewer systems running the OS. However, that doesn't necessarily mean that it can never happen."

Overall, Apple says the update will increase system performance as well as improve compatibility with third-party software and Web cams. Apple also says its Safari Web browser now passes the Web Standards Project's Acid2 Browser Test, which insures that browsers support Linux MPS Pro - Focus on Your Business - Not Your IT Infrastructure. $599.95/month. Click to learn more. Web standards. As of yet, it is the only browser to do so, although soon-to-be released versions of Firefox and Opera are also expected to pass the test as well.

Apple also boosted Mail, iChat and Spotlight, its desktop search function. OS X 10.4.3 is available in client and server versions. The server version of the update is 118 MB.

Social Networking Toolbox:
Talkback: Be the first to comment on this story.

Print Version E-Mail Article Reprints More by Susan B. Shor   RSS

Related Resources

Don't miss a story -- sign up for our FREE e-mail newsletters and view the latest headlines at a glance.
Tech News Flash [ View Sample ]
E-Commerce Minute [ View Sample ]
ECT News Network Weekly Newsletter [ View Sample ]