Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

 

 

Pick an apple! 
 
Monitor Network Throughput with VirusBarrier X6

Concerned about how much data is coming into or leaving your Mac? Try VirusBarrier X6's network monitoring tools, which include a Traffic window, a standalone Traffic Monitor application, and even a screensaver that displays real-time traffic information.

Visit Intego

 
 

Security Update 2004-06-07 Plugs Launch Services Holes

Send Article to a Friend

Just as we were about to wrap this issue, including a brief bit about an update to Paranoid Android - Unsanity's hack for warning the user about the launching of unknown URL schemes - Apple released Security Update 2004-06-07, which claims to fix all of the recently identified security vulnerabilities in Mac OS X (see our articles on the topic in TidBITS-731 for full details on what was broken).

<http://db.tidbits.com/article/07679>
<http://db.tidbits.com/article/07680>
<http://www.unsanity.com/haxies/pa/>

In short, the security update revises Launch Services so it alerts the user to applications that have not been explicitly launched before (with a dialog along the lines of the one Paranoid Android puts up). It also removes the registration of the disk URL scheme so disk images accessed via disk URLs no longer mount automatically. A change to Safari eliminates a feature that could open certain downloaded files when the Show in Finder button was clicked. And lastly, an unrelated fix enables telnet URLs to have port numbers specified with them again; that functionality had been removed by a previous security update. See Apple's articles on the topic for more details and a look at the new alert.

<http://docs.info.apple.com/article.html? artnum=61798>
<http://docs.info.apple.com/article.html? artnum=25785>

Security Update 2004-06-07 is available via Software Update; it's also available as a 900K standalone download for both Mac OS X 10.3.4 and Mac OS X 10.2.8.

<http://www.apple.com/support/downloads/ securityupdate_2004-06-07_(_10_3_4).html>
<http://www.apple.com/support/downloads/ securityupdate_2004-06-07_(_10_2_8).html>

Needless to say, we haven't had time to evaluate how well Apple's fixes work or if they cause any other problems, but we'll be tracking user reports on TidBITS Talk and other forums in the upcoming week.

 

CrashPlan is easy, secure backup that works everywhere. Back up
to your own drives, friends, and online with unlimited storage.
With 30 days free, backing up is one resolution you can keep.
Your life is digital; back it up! <http://tid.bl.it/code42-tb>