Apple has released Security Update 2010-003 (Leopard-Client) to address a critical vulnerability in the way Apple Type Services in Mac OS X 10.6 Snow Leopard parses embedded fonts. Users who view or download any documents containing maliciously crafted embedded fonts run a risk of arbitrary code execution. The update addresses this issue by improving index checking. This vulnerability was first demonstrated by Charlie Miller at the Pwn2Own conference 20 days ago, which shows a reasonably quick response on Apple's part. A nearly identical update - Security Update 2010-003 (Leopard-Server) - that eliminates the same vulnerability is available for Leopard Server. The update requires you are running Mac OS X 10.5.8 and is available via Software Update and the Apple Support Downloads page. (Free, 218.6/379.5 MB)
Avoid Naming Pear Note Files
If you create a lot of documents, coming up with a name for them can sometimes be a hassle. This is especially true now that search is becoming a more prevalent way to find documents. Pear Note provides a way to have the application automatically generate a filename so you can avoid this hassle. To use this:
- Open Saving under Pear Note's preferences.
- Select a default save location.
- Select a default save name template (Pear Note's help documents all the fields that can be automatically filled in).
- Check the box stating that Command-S saves without prompting.
- If you decide you want to name a particular note later, just use Save As... instead.
Visit Useful Fruit Software