Headline Feeds
Apple's (Nasdaq: AAPL) third update to OS X, version 10.4.3, a 97 MB patch that contains 60 improvements to Tiger, includes five security fixes, but they were never much for Mac users to worry about, one analyst said.
"For the most part, they are all bugs that happen only under specific, relatively rare conditions; even then, the impact on the system is minor," Ed Moyle, president of SecurityCurve, told MacNewsWorld. "An attacker could not, for example, use these bugs to take over a system remotely or write a worm that infects Macintosh machines."
The Flaws
One flaw prevented software updates from properly installing critical fixes. Several other vulnerabilities in the kernel could have allowed local users to get to personal information. The other flaw could have caused Keychain, a utility that stores passwords, to instead display passwords that were supposed to be stored and locked.
Although Apple provides many fewer security patches than Microsoft (Nasdaq: MSFT), which releases fixes through its monthly "Patch Tuesday" program, that does not necessarily mean that Macs are more secure or that this update has taken care of all potential problems.
"It's difficult to directly compare Apple with, for example, Microsoft from a patching perspective because Microsoft is more heavily used and therefore is a more attractive target amongst the vulnerability research community," Moyle said. "As such, there are more vulnerabilities discovered in the Microsoft world than in the OS X world."
Where the Users Are
More attacks are aimed at PCs simply because more users would be affected, he said.
"If malware authors are going to spend the time writing an attack program, they are usually going to target the platform where they are going to get the biggest bang for their buck," Moyle said. "The biggest bang is not going to be found in OS X, since there are comparatively fewer systems running the OS. However, that doesn't necessarily mean that it can never happen."
Overall, Apple says the update will increase system performance as well as improve compatibility with third-party software and Web cams. Apple also says its Safari Web browser now passes the Web Standards Project's Acid2 Browser Test, which insures that browsers support Web standards. As of yet, it is the only browser to do so, although soon-to-be released versions of Firefox and Opera are also expected to pass the test as well.
Apple also boosted Mail, iChat and Spotlight, its desktop search function. OS X 10.4.3 is available in client and server versions. The server version of the update is 118 MB.
Talkback: 
