Apple has released Security Update 2013-001 for Mac OS X 10.6 Snow Leopard and 10.7 Lion, with each big cat getting two versions: Snow Leopard (316.63 MB) and Snow Leopard Server (391.63 MB); and Lion (31.42 MB) and Lion Server (79.33 MB). The updates close a variety of vulnerabilities, including Apache HTTP authentication, handling of JSON data by Ruby on Rails in Podcast Producer Server, and a buffer overflow when viewing MP4 files in QuickTime. The complete list of fixes can be found on this Apple support page, which combines the details for these security updates with those for the just-released Mountain Lion update (see “OS X 10.8.3 Mountain Lion Fixes Nagging Bugs,” 14 March 2013). The security update also runs a malware removal tool that will notify you only if anything is removed. It’s interesting to see Apple releasing this update for 10.6 Snow Leopard, since Apple generally maintains security updates only one version behind the current cat. (Free)
Mac OS X Services in Snow Leopard
Mac OS X Services let one application supply its powers to another; for example, a Grab service helps TextEdit paste a screenshot into a document. Most users either don't know that Services exist, because they're in an obscure hierarchical menu (ApplicationName > Services), or they mostly don't use them because there are so many of them.
Snow Leopard makes it easier for the uninitiated to utilize this feature; only services appropriate to the current context appear. And in addition to the hierarchical menu, services are discoverable as custom contextual menu items - Control-click in a TextEdit document to access the Grab service, for instance.
In addition, the revamped Keyboard preference pane lets you manage services for the first time ever. You can enable and disable them, and even change their keyboard shortcuts.
- OS X 10.8.3 Mountain Lion Fixes Nagging Bugs (14 Mar 13)
Security Update 2013-001 for Snow Leopard and Lion
Put your company and products in front of tens of thousands of
savvy, committed Apple users who actually buy stuff.
More information: <http://tidbits.com/advertising.html>
There were several security updates issued after the release of Mountain Lion that were not made available for Snow Leopard. So, it seems that Apple is only partially supporting SL from a security perspective. I guess that is better than nothing, but it is important to remember that despite the recent Java updates for SL and this Security Update that SL does have unpatched vulnerabilities .
You might try some basic troubleshooting first, such as checking for disk corruption, seeing if the problems exist with a Safe boot, checking to see if other user accounts share them, and so on.
There haven't been many actual security updates in the last while - 2012 had four, but one of those was Leopard-only due to being related to Flash. So the first two came before Mountain Lion was released, and 2012-004 was confusing because of coinciding with an actual release of Lion, even after Mountain Lion had come out.
So it's not clear if Apple has changed its policy and will be maintaining Snow Leopard security updates for a while yet, but that has certainly been the effect.
I just have a question regarding this update. I recently forgot my root password so I removed it with the install cd. Then I made the 2013-001 update for Snow Leopard. Today I made a permission repair and I got the "Warning: SUID file "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent" has been modified".
After looking online, I found that I seem to be the only one concerned so far and I'm wondering is this issue might be due to my password reset or to the 2013-001 update ?
And what should I do ?
Many thanks !
I found one french website giving a way, if that's the issue (for me, yes), to force the signature of the ARDagent in /var/db/receipts/com.apple.pkg.Essentials.plist to correspond to the one of the actual file in /System/Library/CoreServices/RemoteManagement/ARDagent.app/Content/MacOS/ARDagent through the terminal.
Should I do that ?
Does anybody have this message after installing the 2013-001 security upgrade on snow leopard ?
Just wanting to be sure,...