Security Update 7-12-02 Fixes Software Update — Apple has released Security Update 7-12-02 to fix a recently reported problem with Mac OS X’s Software Update utility. Software Update 1.4.6 eliminates concern over an attacker setting up a machine to masquerade as the Software Update server swscan.apple.com and deliver malicious programs in the guise of legitimate updates. Although Software Update 1.4.6 still relies on the same server, Apple is now cryptographically signing all downloads, and Software Update installs only downloads that Apple has signed, a capability that has been available in the Mac OS 9 version of Software Update for some time. Downloads that lack a valid signature are deleted. The 2.3 MB Security Update 7-12-02 is available via Software Update itself or as a separate 844K download. [ACE]
Subscribe today so you don’t miss any TidBITS articles!
Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For over 33 years, we’ve published professional, member-supported tech journalism that makes you smarter.
Registration confirmation will be emailed to you.