FYI...

Apple Releases Fix For iMacs That Freeze Up
- http://www.informationweek.com/shared/prin...cleID=202801705
Nov. 2, 2007 - "Apple has released software updates to fix the problem of the latest iMacs freezing up during normal use. The updates, released Thursday, are recommended for 20-inch and 24-inch models with 2.0 GHz and 2.4 GHz Intel Core 2 Duo processors and with the 2.8 GHz Core 2 Extreme processor. The name of the updates, which are on Apple's Web site, are Software Update 1.3* for Leopard, the latest version of Mac OS X; and Software Update 1.2** for Leopard's predecessor Tiger. Apple acknowledged in early October that it had received complaints about iMacs freezing up suddenly and becoming unusable. Users had to reset the machines to bring them back to life. The iMacs affected by the problem were introduced in August, along with new versions of Apple's iLife and iWork software suites... Apple is advising customers to update their machines either through the company's automatic update mechanism or a download from the Web site... Last month, the company posted a fix on its Web site for a serious flaw that caused its Mac computers to seize up when users attempted to upgrade to Leopard***, officially known as OS X 10.5. Leopard was released Oct. 26..."

* http://www.apple.com/support/downloads/ima...e13leopard.html

** http://www.apple.com/support/downloads/mac...reupdate12.html

*** http://docs.info.apple.com/article.html?artnum=306857

.

FYI...

iMac Software Update 1.2.1 (Tiger)
- http://www.apple.com/support/downloads/ima...te121tiger.html
November 6, 2007

"...What’s New in this Version
This update is for 20-inch and 24-inch aluminum iMac computers with 2.0, 2.4, or 2.8 GHz processors running Mac OS X Tiger. It improves the performance and reliability of graphics-intensive games and applications and fixes an issue that some customers encountered when installing Mac OS X Leopard after applying iMac Software Update 1.2..."

.

FYI...

Mac OS X 10.4.11 and Security Update 2007-008
- http://docs.info.apple.com/article.html?artnum=307041
November 14, 2007
"Mac OS X v10.4.11 and Security Update 2007-008, which can be downloaded and installed via Software Update preferences, or from Apple Downloads*..."

* http://docs.info.apple.com/article.html?artnum=61798

- http://secunia.com/advisories/27643/
Release Date: 2007-11-15
Critical: Highly critical
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, Privilege escalation, DoS, System access
Where: From remote
Solution Status: Vendor Patch
OS: Apple Macintosh OS X
Solution: Update to Mac OS X 10.4.11 or apply Security Update 2007-008...

.

This post has been edited by AplusWebMaster: Nov 15 2007, 06:10 AM

FYI...

Mac OS X 10.5.1 Update
- http://docs.info.apple.com/article.html?artnum=306907
November 15, 2007 - "The Mac OS X 10.5.1 Update updates Mac OS X Leopard version 10.5 to version 10.5.1. The 10.5.1 Update is recommended for all users running Mac OS X Leopard and includes general operating system fixes that enhance the stability, compatibility and security of your Mac..."
- http://www.apple.com/support/downloads/macosx1051update.html

- http://secunia.com/advisories/27695/
Release Date: 2007-11-16
Impact: Security Bypass
Where: From remote
Solution Status: Vendor Patch
Original Advisory: Apple: http://docs.info.apple.com/article.html?artnum=307004

.

This post has been edited by AplusWebMaster: Nov 16 2007, 05:18 AM

FYI...

Mac OS X 10.4 - Java Release 6
Apple fixes 18 flaws in Tiger's Java
- http://preview.tinyurl.com/2km3l9
December 15, 2007 (Computerworld) - "Apple Inc. has updated Java for Mac OS X 10.4, aka Tiger, to patch 18 different vulnerabilities, including some fixed as long ago as May by Java's maker, Sun Microsystems Inc. Apple's newest operating system, dubbed Leopard, does not need to be patched because it includes the updated Java components. According to the accompanying advisory*, Tiger's Java, Java 1.4 and J2SE 5.0 contain flaws that in some cases can lead to what Apple calls "arbitrary code execution," which means that attackers may be able to insert their own malware during an exploit and/or gain complete control of the machine. Apple, unlike rivals such as Microsoft Corp., does not rank or rate its security updates to give users an idea of the severity of the bugs..."
* http://docs.info.apple.com/article.html?artnum=307177

- http://secunia.com/advisories/28115/
Release Date: 2007-12-17
Critical: Highly critical



This post has been edited by AplusWebMaster: Dec 17 2007, 06:12 AM

FYI...

Apple Security Update 2007-009
- http://isc.sans.org/diary.html?storyid=3760
Last Updated: 2007-12-17 23:03:32 UTC - "Apple has released security update 2007-009 which contains fixes for several key components of the Mac OS X operating system. The following downloads are now available:
2007-009 10.5.1 includes fixes for CF Network, Core Foundation, CUPS, Flash Player Plug-in, Launch Services, perl, python, Quick Look, ruby, Safari, Samba, Shockwave Plug-in and Spin Tracer.
> http://www.apple.com/support/downloads/sec...0070091051.html

2007-009 10.4.11 Universal and 10.4.11 PPC include fixes for Address Book, CUPS, ColorSync, Core Foundation, Desktop Services, Flash Player Plug-in, gnutar, iChat, IO Storage Family, Launch Services, Mail, perl, python, ruby, Samba, Safari, Shockwave Plug-in, SMB, Spotlight, tcpdump and XQuery.
> http://www.apple.com/support/downloads/sec...1universal.html

> http://www.apple.com/support/downloads/sec...0910411ppc.html

Several of these issues are rather serious, so we strongly advise installing these updates at your earliest convenience. You can read up on the individual CVE numbers and vulnerability descriptions here*."
* http://docs.info.apple.com/article.html?artnum=307179

- http://secunia.com/advisories/28136/
Release Date: 2007-12-18
Critical: Highly critical


This post has been edited by AplusWebMaster: Dec 18 2007, 05:37 AM

FYI...

- http://www.macworld.co.uk/mac/news/index.cfm?newsid=19983
19 December 2007 - "...The update addressed an issue that caused the keyboard to freeze. Reports indicate that the Intel-based models running Mac OS X Leopard were affected, with keyboard freezes lasting for up to a minute, or more..."

MacBook, MacBook Pro Software Update 1.1
- http://www.apple.com/support/downloads/mac...reupdate11.html
December 18, 2007 - "This update addresses a responsiveness issue MacBook and MacBook Pro notebook computers. Some MacBook and MacBook Pro systems may occasionally experience a temporary suspension of keyboard input which can last a minute or longer. The Mac OS X 10.5.1 update is required before installing the MacBook, MacBook Pro Software Update 1.1."

FYI...

Security Update 2007-009 v1.1
- http://docs.info.apple.com/article.html?artnum=307224
December 21, 2007 - "...Security Update 2007-009 v1.1 addresses an issue introduced in Security Update 2007-009 that may cause Safari to unexpectedly quit when browsing to certain websites. There is no change to the security content provided in Security Update 2007-009... Security Update 2007-009 v1.1 will install over Security Update 2007-009, and its installation is recommended to resolve the Safari issue. Systems that have not yet installed Security Update 2007-009 only need to install Security Update 2007-009 v1.1..."

Security Updates
- http://docs.info.apple.com/article.html?artnum=61798
Latest - 21 Dec 2007



This post has been edited by AplusWebMaster: Dec 24 2007, 11:43 AM

FYI...

iPhoto 7.1.2 released
> http://docs.info.apple.com/article.html?artnum=307398
February 04, 2008 - "...Impact: Subscribing to a maliciously crafted photocast may lead to arbitrary code execution.
Description: A format string vulnerability exists in iPhoto. By enticing a user to subscribe to a maliciously crafted photocast, a remote attacker may cause arbitrary code execution. This update addresses the issue... can be downloaded and installed via Software Update preferences, or from
Apple Downloads..."
- http://www.apple.com/support/downloads/
(02/05/2008 - 14.2MB)

> http://www.us-cert.gov/current/#apple_rele...rity_update_to7

FYI...

Apple security update 2008-001 and 10.5.2 upgrade
- http://isc.sans.org/diary.html?storyid=3974
Last Updated: 2008-02-12 01:22:32 UTC - "Apple released today a Security Update 2008-001 for Mac OS X 10.4 fixing -5- vulnerabilities in one patch. At the same time an upgrade to Mac OS X 10.5.2 was released, which also incorporates the security update all in one package (fixing -8- vulnerabilities). An upgrade like this can be best compared to a Service Pack in the windows world. It's not just a security fix, but also a functionality upgrade.
* Mac OS X 10.5.2:
http://docs.info.apple.com/article.html?artnum=307109
* Security content of 10.5.2 and security update 2008-001:
http://docs.info.apple.com/article.html?artnum=307430
* Apple updates can be found on:
http://docs.info.apple.com/article.html?artnum=61798
As always, Apple packages security fixes into one big patch. Software update will offer it to your mac users that haven't turned the feature off."

- http://secunia.com/advisories/28891/
Release Date: 2008-02-12
Critical: Highly critical
Impact: Security Bypass, Exposure of system information, Privilege escalation, DoS,
System access
Where: From remote
Solution Status: Vendor Patch...


This post has been edited by AplusWebMaster: Feb 12 2008, 04:36 AM

FYI...

MacBook Air SMC Update 1.0
- http://www.apple.com/support/downloads/mac...mcupdate10.html
March 10, 2008 - "The SMC Update fine tunes the speed and operation of the internal fan. This update is recommended for all MacBook Air systems. The updater application will be installed in the /Applications/Utilities folder. Please follow the instructions in the updater application to complete the process."

> http://discussions.apple.com/thread.jspa?t...43&tstart=0

.

FYI...

Mac OS X - Security Update 2008-002
- http://docs.info.apple.com/article.html?artnum=307562
March 18, 2008 - "This document describes Security Update 2008-002, which can be downloaded and installed via Software Update preferences*, or from Apple Downloads..."
* http://docs.info.apple.com/article.html?artnum=106704

Apple Downloads:
- http://www.apple.com/support/downloads/
"Security Update 2008-002 is recommended for all users and improves the security of Mac OS X. Previous security updates have been incorporated into this security update."

- http://secunia.com/advisories/29420/
Release Date: 2008-03-19
Critical: Highly critical
Impact: Unknown, Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, Privilege escalation, DoS, System access
Where: From remote
Solution Status: Vendor Patch
OS: Apple Macintosh OS X ...



This post has been edited by AplusWebMaster: Mar 20 2008, 07:17 AM

FYI...

AirPort Extreme Base Station Firmware 7.3.1
- http://support.apple.com/kb/HT1226
19 Mar 2008- "This document describes the security content of AirPort Extreme Base Station Firmware 7.3.1...
Products Affected: Airport Extreme Base Station, Security

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1012

Software updates for Mac OS X are available via:
* Software Update preferences: http://docs.info.apple.com/article.html?artnum=106704
* Apple Downloads: http://www.apple.com/support/downloads/

.

FYI...

Security Update 2008-002 v1.1 (Leopard)
- http://www.apple.com/support/downloads/sec...v11leopard.html
Security Update 2008-002 is recommended for all users and improves the security of Mac OS X. Previous security updates have been incorporated into this security update.
03/26/2008 50MB

Security Update 2008-002 v1.1 Server (Leopard)
- http://www.apple.com/support/downloads/sec...verleopard.html
Security Update 2008-002 is recommended for all servers and improves the security of Mac OS X. Previous security updates have been incorporated into this security update
03/26/2008 108MB

This post has been edited by AplusWebMaster: Mar 26 2008, 09:38 PM

FYI...

Safari 3.1.1 released
* http://support.apple.com/kb/HT1467
4/16/2008 - "For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available..."
- http://www.apple.com/support/downloads/

- http://secunia.com/advisories/29846/
Release Date: 2008-04-17
Critical: Highly critical
Impact: Cross Site Scripting, DoS, System access
Where: From remote
Solution Status: Vendor Patch
...The vulnerabilities are reported in versions prior to 3.1.1...

.