Apple has released Security Update 2013-001 for Mac OS X 10.6 Snow Leopard and 10.7 Lion, with each big cat getting two versions: Snow Leopard (316.63 MB) and Snow Leopard Server (391.63 MB); and Lion (31.42 MB) and Lion Server (79.33 MB). The updates close a variety of vulnerabilities, including Apache HTTP authentication, handling of JSON data by Ruby on Rails in Podcast Producer Server, and a buffer overflow when viewing MP4 files in QuickTime. The complete list of fixes can be found on this Apple support page, which combines the details for these security updates with those for the just-released Mountain Lion update (see “OS X 10.8.3 Mountain Lion Fixes Nagging Bugs,” 14 March 2013). The security update also runs a malware removal tool that will notify you only if anything is removed. It’s interesting to see Apple releasing this update for 10.6 Snow Leopard, since Apple generally maintains security updates only one version behind the current cat. (Free)
Trust Local Addresses in VirusBarrier X6's Antivandal
VirusBarrier X6's Antivandal feature stops all kinds of network attacks, including port scans, ping floods and more. However, you may have some devices on your network that send out pings or other requests that may be interpreted as attacks. To prevent this, add them to the Trusted Addresses list so they won't be blocked. You can even add a range of addresses with wildcards, such as 192.168.1.*.
- OS X 10.8.3 Mountain Lion Fixes Nagging Bugs (14 Mar 13)
Security Update 2013-001 for Snow Leopard and Lion
Set up short abbreviations which expand to larger bits of text,
such as “Tx” for “TextExpander”. With the new custom keyboard,
you can expand abbreviations in any app, including Safari and
There were several security updates issued after the release of Mountain Lion that were not made available for Snow Leopard. So, it seems that Apple is only partially supporting SL from a security perspective. I guess that is better than nothing, but it is important to remember that despite the recent Java updates for SL and this Security Update that SL does have unpatched vulnerabilities .
You might try some basic troubleshooting first, such as checking for disk corruption, seeing if the problems exist with a Safe boot, checking to see if other user accounts share them, and so on.
There haven't been many actual security updates in the last while - 2012 had four, but one of those was Leopard-only due to being related to Flash. So the first two came before Mountain Lion was released, and 2012-004 was confusing because of coinciding with an actual release of Lion, even after Mountain Lion had come out.
So it's not clear if Apple has changed its policy and will be maintaining Snow Leopard security updates for a while yet, but that has certainly been the effect.
I just have a question regarding this update. I recently forgot my root password so I removed it with the install cd. Then I made the 2013-001 update for Snow Leopard. Today I made a permission repair and I got the "Warning: SUID file "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent" has been modified".
After looking online, I found that I seem to be the only one concerned so far and I'm wondering is this issue might be due to my password reset or to the 2013-001 update ?
And what should I do ?
Many thanks !
I found one french website giving a way, if that's the issue (for me, yes), to force the signature of the ARDagent in /var/db/receipts/com.apple.pkg.Essentials.plist to correspond to the one of the actual file in /System/Library/CoreServices/RemoteManagement/ARDagent.app/Content/MacOS/ARDagent through the terminal.
Should I do that ?
Does anybody have this message after installing the 2013-001 security upgrade on snow leopard ?
Just wanting to be sure,...