This article originally appeared in TidBITS on 2010-06-15 at 7:21 p.m.
The permanent URL for this article is:
Include images: Off

Mac OS X 10.6.4 Fixes Highly Specific Bugs

by Adam C. Engst

In what was clearly an attempt to distract Mac users from hammering the Apple Store while pre-ordering the iPhone 4, Apple last week shipped Mac OS X 10.6.4 to fix a variety of bugs and security vulnerabilities, and to ensure that everyone running Mac OS X 10.6 Snow Leopard upgrades to the included Safari 5. It's difficult to summarize the changes, since most of the bugs fixed are pretty specific. Apple says that the Mac OS X 10.6.4 Update:

A few issues relate specifically to digital photography, so the update also:

Security -- On the security side, Mac OS X 10.6.4 eliminates 23 separate vulnerabilities, including problems in CUPS (Mac OS X's printing system), Mac OS X's handling of symlinks, iChat, image handling, Kerberos, URL handling, Open Directory, Ruby, the SMB file server, and - in Mac OS X Server - SquirrelMail and Wiki Server. These fixes are also available for Mac OS X 10.5.8 Leopard in Security Update 2010-004 (Leopard-Client) [2] and Security Update 2010-004 (Leopard-Server) [3].

A few things jumped out at us from the security notes [4]. Most notably, the Mac OS X 10.6.4 Update includes Flash Player, which is itself significantly vulnerable, so if you haven't yet installed Flash Player, do so manually after updating to 10.6.4 (for more details, see "Adobe Flash Player Blocks 32 Security Holes [5]," 11 June 2010). Luckily, it appears that Apple's delta installer does not overwrite the later Flash Player if you've already installed it. However, as our friend John Baxter discovered, the combo updater can install the older Flash Player over a newer version, so if you use the combo updater, be sure to check your Flash Player version after updating and reinstall manually if necessary.

Also, Apple describes a problem that has apparently existed for some time in Leopard and Snow Leopard, but is now fixed. "When 'Apply to enclosed items...' is selected in the Get Info window in the Finder, the ownership of the enclosed items is not changed. This may cause the enclosed files and folders to have unexpected permissions. This issue is addressed by applying the correct ownership." This comment is somewhat distressing, and if you've changed permissions for enclosed items via the Get Info window recently, you might wish to check to make sure the ownership is what you want it to be.

Snow Leopard Server -- In addition to the general fixes in the desktop version, Mac OS X Server 10.6.4 features its own collection of improvements, including fixes for:

Downloading -- The specificity of these bug fixes means that you shouldn't necessarily hurry to download and install Mac OS X 10.6.4 until early adopters have had a chance to determine if there are any problems lurking in the release. Or, of course, unless you're experiencing one of the bugs that 10.6.4 addresses!

As usual, Mac OS X 10.6.4 is available in a variety of packages, including a special one for the just-released Mac mini (Mid 2010) that fixes some problems on that machine related to graphics compatibility and performance, and improves compatibility with large-format SDDXC memory cards.