April Mac OS X Security Update -- Apple last week released the Security Update April 2002 through Software Update and the Apple software downloads site. The 4.7 MB download includes updates to a number of Mac OS X's Unix components, including OpenSSH 3.1p1, rsync 2.5.2, groff 1.17.2, PHP 4.1.2, sudo 1.6.5, mod_ssl 2.8.7, and mail_cmds. These updated components provide increased security against Unix-based exploits for gaining unauthorized access to your Mac. Everyone should download and install this security update. Most notable with this release, though, is Apple's first real use of their Security Announce mailing list, a PGP-signed posting to which carried more detailed change notes than were available via Software Update's description of the update. Plus, the version of the change notes on Apple's Security Updates page included links where you could read more about the exploits in question. It's taken over a year, but it appears that Apple is finally living up to all of the responsibilities to the community it took on by moving the Macintosh away from the highly secure Mac OS 9 to the far more open Unix core of Mac OS X. [ACE]
Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.