Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.



Pick an apple! 


Related Articles



Security Update 2012-004 (Snow Leopard)

Apple has released Security Update 2012-004 for both Mac OS X 10.6.8 Snow Leopard and 10.6.8 Snow Leopard Server, both of which address the same issues. Among the list of fixes, the releases update Apache 2.2.22 to prevent a vulnerability that could lead to denial of service, add a revoked TrustWave root certificate to a list of untrusted certificates, and update the DirectoryService Proxy to prevent an arbitrary execution of code due to an overflow buffer vulnerability. There’s no reason to update instantly; we recommend waiting a week or so and seeing if online reports note any distressing side effects. Note that Apple incorrectly lists the file size of the 10.6.8 Snow Leopard Security Update as 2.36 MB — it is actually 257 MB. (Free, 257/276 MB)


Try productivity tools from Smile that will make your job easier!
PDFpen: PDF toolkit for busy pros on Mac, iPhone, and iPad.
TextExpander: Your shortcut to accurate writing on Mac, Windows,
and iOS. Free trials and friendly support. <>

Comments about Security Update 2012-004 (Snow Leopard)
(Comments are closed.)

And disables ALL plugins in Snow Leopard Mail. Disaster......
alaryc  2012-09-20 05:54
Mail doesn't work anymore here ...
lee smith  2012-09-25 20:08
I'm confused - maybe you can help since Mail stopped working for you too. All the other write ups concerned plug ins. Mine is just mail. Were you able to get plain ole Mail 4.6 or 4.5 working after installing the latest security patch? I'm a unix novice. Thanks
rastarman  2012-09-20 11:54
Yes, this update disables not only 3rd party plugins (Spam Sieve, Letterbox, Growl) in Mail, but "To Do" feature as well.

Spam Sieve (love 'em to death) whipped out a beta fix.

Get at:

No fix for Letterbox, which was only updated for 10.6.7 anyway.

BUT see Apple discussion for other fixes:

UPDATE: Spam Sieve also posted it's own comments about restoring the mail plugin:
You say it's 257/276 MB. But the file I downloaded (apparently successfully) is reported in Finder as 269.6 MB (269,582,402 bytes). Does that mean there's something wrong with my file, or is it just something about disk allocation block sizes or something? I haven't installed it yet.
Adam Engst  An apple icon for a TidBITS Staffer 2012-09-22 16:37
Don't worry about it - we give reported file sizes so you can get a sense of how long it will take to download, and the actual size can vary based on how you get it or what Mac model you have.
Thank you Apple for updating Apache but what about OpenSSL it has been vulnerable since January. Trustwave, my PCI tester still fails my server because OpenSSL hasn't been upgraded from 0.9.8r to 0.9.8s or later.
Does Apple even care?
jcroyer  2012-10-03 09:12
Who now how to go back from this update ? ( I suspect it to broke one of my applications)