Security Update 2013-001 for Snow Leopard and Lion

Apple has released Security Update 2013-001 for Mac OS X 10.6 Snow Leopard and 10.7 Lion, with each big cat getting two versions: Snow Leopard (316.63 MB) and Snow Leopard Server (391.63 MB); and Lion (31.42 MB) and Lion Server (79.33 MB). The updates close a variety of vulnerabilities, including Apache HTTP authentication, handling of JSON data by Ruby on Rails in Podcast Producer Server, and a buffer overflow when viewing MP4 files in QuickTime. The complete list of fixes can be found on this Apple support page, which combines the details for these security updates with those for the just-released Mountain Lion update (see “OS X 10.8.3 Mountain Lion Fixes Nagging Bugs,” 14 March 2013). The security update also runs a malware removal tool that will notify you only if anything is removed. It’s interesting to see Apple releasing this update for 10.6 Snow Leopard, since Apple generally maintains security updates only one version behind the current cat. (Free)


I'm glad to see that Snow Leopard is receiving a security update but I'm also a bit confused...
There were several security updates issued after the release of Mountain Lion that were not made available for Snow Leopard. So, it seems that Apple is only partially supporting SL from a security perspective. I guess that is better than nothing, but it is important to remember that despite the recent Java updates for SL and this Security Update that SL does have unpatched vulnerabilities.
Adam Engst  2013-03-17 11:59
Yeah, that's an interesting point - we were quite surprised to see Snow Leopard included here too, and I wonder why Apple chose to do this one and what old vulnerabilities remain unpatched in Snow Leopard.
Carlo Beenakker  2013-03-16 10:01
After the upgrade several applications (Dropbox, Fantastical, ...) now force my MacBook Pro to switch to the discrete GPU (rather than the less power hungry integrated GPU); quite annoying.
Adam Engst  2013-03-17 11:59
That's frustrating - which version of the OS?
I just updated SL and now my keyboard won't work on my iMac. Unplugged, restarted, everything.

David Laffitte  2013-03-18 03:54
Any thoughts on why SL is so large 300+MB while Lion update is 1/10th that size?
Adam Engst  2013-03-18 07:06
They're not fixing exactly the same things, so that might account for some of it, and I think Apple has also been trying to reduce the size of updates with Lion and Mountain Lion, which is probably the main thing.
I accepted this update at which point my ability to auto set the clock, keep the password in my wi-fi and connect to my Time Machine all disappeared. This is what I know so far. How do I revert or undo this update? Any ideas?
Adam Engst  2013-03-18 08:25
That's really troubling, and the only way I can suggest to revert is to use Time Machine to restore the entire system from a pre-update backup (hopefully just before).

You might try some basic troubleshooting first, such as checking for disk corruption, seeing if the problems exist with a Safe boot, checking to see if other user accounts share them, and so on.
Dave Livesay  2013-03-18 09:23
I might be crazy, but after I installed this update, my svn client was downgraded to 1.6.17. I had been running 1.7.5, but iirc, the "stock" version was 1.6.16, so it's not clear where this version came from or why.
Adam Engst  2013-03-18 09:42
That's just freaky... I wonder if someone could take the update package apart with Pacifist and see if there is indeed a new SVN version in there.
Michael Slavitch  2013-03-18 14:46
The update also causes the latest version of XQuartz to segfault. Not good, not good at all.
eharts  2013-03-18 18:25
I wasn't surprised to see the SL update. There are just too many people who need Rosetta and stayed with SL, and leaving them behind would cause a lot of problems in the overall user base, which would be yet another publicity black eye for the post-Jobs Apple.
Tentative explanation. EU regulations impose a 2-year guarantee on all consumer products. Snow Leopard was still sold pre-installed on Macs less than two years ago. Apple has several cases on its back in EU countries, including one it has lost big time in Italy. So I guess they find that it's better not to take any chances at this point.
Adam Engst  2013-03-19 05:44
Interesting suggestion - that could very well explain it!
Also some changes to security routines in this update, which are leading to quite a bit of discussion on Apple's Support Communities:
Adam Engst  2013-03-19 05:54
That is a fascinating discussion, as people try to figure out what a new Apple process that's connecting back to the mothership is really doing. For an easy click:
Adam Engst  2013-03-19 05:44
I have to recant slightly on the comment that it's surprising to see this update for Snow Leopard, since Apple also included Snow Leopard in the last Security Update (2012-004 from 19 September), which coincided with the release of Mac OS X 10.7.5.

There haven't been many actual security updates in the last while - 2012 had four, but one of those was Leopard-only due to being related to Flash. So the first two came before Mountain Lion was released, and 2012-004 was confusing because of coinciding with an actual release of Lion, even after Mountain Lion had come out.

So it's not clear if Apple has changed its policy and will be maintaining Snow Leopard security updates for a while yet, but that has certainly been the effect.
Hi everyone
I just have a question regarding this update. I recently forgot my root password so I removed it with the install cd. Then I made the 2013-001 update for Snow Leopard. Today I made a permission repair and I got the "Warning: SUID file "System/Library/CoreServices/RemoteManagement/" has been modified".
After looking online, I found that I seem to be the only one concerned so far and I'm wondering if this issue might be due to my password reset or to the 2013-001 update?
And what should I do?
Many thanks!
As far as I'm aware, this file has been reported in the course of a Permissions Repair as far back as OSX 10.4 and it still is being reported in 10.7 (as I noticed repairing permissions an hour ago or so). Hasn't caused much stress to anyone; least of all to Apple, apparently.
Adam Engst  2013-03-20 07:22
Yeah, I think this is basically a spurious error and doesn't warrant further worry.
Ok, thanks to you both.
I found one French website giving a way, if that's the issue (for me, yes), to force the signature of the ARDagent in /var/db/receipts/ to correspond to the one of the actual file in /System/Library/CoreServices/RemoteManagement/ through the terminal.

Should I do that?
Does anybody have this message after installing the 2013-001 security upgrade on Snow Leopard?
Just wanting to be sure...

David Bailin  2013-03-26 09:13
Breaks MailFollowup 1.4.4 since it upgrades Mail to 4.6