November 29, 2006
A little more on Security Update 2006-007
Posted Nov. 29, ’06, 7:53 AM PT by Derik DeLong
Category | Security
Scott already alerted you to this update and it should come in just fine in Software Update. But to you and me, what does it mean?
The most visible is the fix for the previously reported Airport exploit featured on MoKB. Of course the reporting researcher took an immature cheapshot at John Gruber (daringphucball is what he named it). That researcher was credited (amazing, considering he supplied real exploit code).
There are a bunch of vulnerabilities that can be caused by a local user crafting a malicious file and invoking with a variety of services. The Finder one is particularly troublesome.
Also, the Installer issues identified by Adam Knight that allowed installer packages to attain system priveleges without explicit admin permission has been fixed. You must now authenticate to supply those services to pre and post flight scripts.
There’s also a WebKit update, meaning Safari and browsers using that kit will be reinforced by this update.
I highly recommend everyone install this update. There are several very dangerous insecurities fixed. I know the first thing I did when I saw it was to install it.
1 Comments
Leave a comment
Recent Entries
About MacUser
MacUser is your source for news, info, and opinion about Apple, the Mac, and the iPod. Our dedicated team of bloggers covers everything that is relevant to Mac users — and, okay, some stuff that’s not quite relevant, but is still a lot of fun.
Subscribe/RSS
- Blog Posts
- Blog Comments
- Podcast (RSS) (iTunes)
Tip us off!
- Email: macuser [at] macuser [dot] com
Recent Comments 
- the truth on iPod touch users get second classed again with the omission of new Maps features
- James Katt on Apple levels DMCA on iPodhash project
- AdamC on Apple levels DMCA on iPodhash project
- sf addict on Ch-ch-ch-ch-changes afoot at MacUser
- Paul Norton on iPod touch users get second classed again with the omission of new Maps features
- me on iPod touch users get second classed again with the omission of new Maps features
Categories
- Apple (234)
- Advertising (162)
- Events (235)
- Huh? (182)
- Humor (259)
- News (148)
- People (258)
- Rivals (405)
- Speculation (167)
- Steve Jobs (172)
- Stores (206)
- Apple TV (58)
- Business (451)
- Games (143)
- Geekery (460)
- Hardware (935)
- Accessories (79)
- Intel Macs (162)
- Ihnatko (18)
- Internet (463)
- Legal (244)
- MacUser (95)
- Macalope (8)
- Money (177)
- Music (344)
- Podcasting (100)
- Photography (74)
- Security (246)
- Software (1544)
- Updates (538)
- Tips (352)
- Troubleshooting (189)
- Video (403)
- Windows (219)
- iPhone (199)
- iPod (602)
- iPod Accessories (96)
- iPod Software (61)
- iTunes (128)
- iTunes Store (443)
Archives
- November 2008 (92)
- October 2008 (138)
- September 2008 (151)
- August 2008 (177)
- July 2008 (175)
- June 2008 (171)
- May 2008 (185)
- April 2008 (234)
- March 2008 (217)
- February 2008 (215)
- January 2008 (239)
- December 2007 (169)
- November 2007 (164)
- October 2007 (187)
- September 2007 (167)
- August 2007 (195)
- July 2007 (152)
- June 2007 (223)
- May 2007 (243)
- April 2007 (286)
- March 2007 (288)
- February 2007 (250)
- January 2007 (266)
- December 2006 (244)
- November 2006 (293)
- October 2006 (307)
- September 2006 (250)
- August 2006 (268)
- July 2006 (288)
- June 2006 (293)
- May 2006 (297)
- April 2006 (351)
- March 2006 (366)
- February 2006 (110)
- January 2006 (107)
- December 2005 (23)
Mac Publishing Sites
Links
Glad to see that Installer problem fixed