Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

 

 

Pick an apple! 
 
Open Recent Office 2008 Docs by Date

Office 2008 applications like Word and Excel now list recently opened documents on a File > Open Recent submenu. Choose More from that menu, and you'll get a multifunction Project Gallery dialog. Click the Recent button at the top and then select a date range in the Dates list to find files that were last opened today, yesterday, earlier in the week, last week, and so forth. (The Settings pane in the Project Gallery dialog lets you set how many recently opened files show in the File > Open Recent submenu.)

 

 

Related Articles

 

 

Apple Patches AirPort Card Driver Flaws

Send Article to a Friend

Apple patched a security flaw in the drivers for the company's original AirPort card last week. Among other fixes, Security Update 2006-007 for Mac OS X 10.3.9 and 10.4.8 corrects a flaw that could enable a nearby attacker to cause a kernel panic and crash a Mac in the right set of circumstances. Apple warned that this attack could potentially deliver a software payload that would run without interference on the attacked computer - a state known as arbitrary code execution. We wrote about this exploit last month ("Another Minor AirPort Vulnerability Exposed," 2006-11-06), at which point the exploit's discoverer only suggested that a payload was possible. A host of other flaws were also patched.

Six unique updaters are available: one each for 10.3.9 client and server, 10.4.8 PowerPC client and server, and 10.4.8 Intel client and server. Software Update identifies the correct one for your Mac.

The AirPort flaw was triggered if an AirPort card, signaling it was interested in knowing what networks were available in the vicinity, received a carefully crafted response that mimicked how access points announce their name and other details. The patch validates those responses to avoid triggering an error. Keep in mind that the vulnerability affects only the original AirPort card, which was included with Macs released from 1999 to 2002, and was sold as late as 2004 for those Macs. AirPort Extreme cards, which work with models introduced starting in January 2003, have drivers that aren't affected by this particular flaw. (The few users of Mac OS X 10.2 and earlier have been ignored for AirPort card updates for at least a couple of years now.)

Security Update 2006-007 mostly patches flaws that are triggered by local users with physical access to the computer, although a few weaknesses could be exploited by remote users. For instance, a flaw in the FTP server built into Mac OS X could enable a remote user to figure out which users have valid accounts on the attacked computer. And an error in how Samba (Windows file sharing) handles incoming requests could have enabled an attacker to break access to the service.

One significant flaw, now patched, could have crashed or exploited Mac OS X when Safari visited a Web site that had a maliciously crafted Web page. The flaw was in WebKit, the underlying system-wide software used for HTML rendering and handling that's used in Safari and many third-party applications. The fix now parses documents correctly. Oddly, the description of this problem is identical to that used in Security Update 2006-004 released on 01-Aug-06.

 

READERS LIKE YOU! Support TidBITS by becoming a member today!
Check out the perks at <http://tidbits.com/member_benefits.html>
Special thanks to Norm Gregory, Yvonne Bowers, Peter Willis, and Roy
White for their generous support!