Home > Apple > Apple releases new Mac OS X security update Apple releases new Mac OS X security update Eugenia Loli 2004-12-03 Apple 38 Comments Apple today released Security Update 2004-12-02, which includes a number of security enhancements and updated components for Mac OS X. About The Author Eugenia Loli Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker. Follow me on Twitter @EugeniaLoli 38 Comments 2004-12-03 7:22 am No issues found as of yet. Nice to see Apple being proactive. 2004-12-03 7:44 am So far so good. 2004-12-03 10:49 am No problems here, tried out all the installed applications, and it seems that they’re all working as expected. Another clean and successful installation. 2004-12-03 10:49 am Apple is moving quick in the OS arena – the most modern OS and pro-active security enhancement. Its very cool to see them making use of the best Open Source softwares in their distributions and actively updating this – i bet they did some quality assurance first, which is always nice, it benefits the community aswell. 2004-12-03 11:23 am Proactive is nice, but why do we always have to REBOOT after an install? OS X is “supposed to be” a little like *nix, this no-reboot-after-upgrade is in my opinion as one of *nix-systems greatest advances. 2004-12-03 11:27 am Proactive is nice, but why do we always have to REBOOT after an install? OS X is “supposed to be” a little like *nix, this no-reboot-after-upgrade is in my opinion as one of *nix-systems greatest advances. 2004-12-03 11:50 am A lot of the fixes have to do with Apache. How many Mac OS X clients use Apache? 2004-12-03 11:51 am Depends on What package your installing. you don’t have to reboot, when you update, itunes, or safari, or any other apps you have. When you have to reboot is when you make a core system change, A reboot does ensure that the New software loads. The problem with windows is that you have to reboot with every piece of software you install, whether it’s mozilla, or security updates to IE. You have to reboot. A slight difference. Also you don’t technically have to reboot, it’s just that the system will be more stable, if you don’t have enough memory. 2004-12-03 12:09 pm Viro, don’t know if you’re looking for a statistic or just personal input.. but, i use apache for personal web content and it runs fine.. no problems, ever. I can’t think of any reason why it wouldn’t be just like any other install on a *nix based system. so running it on OS X would be fine. 2004-12-03 12:25 pm On Apple’s Tiger preview pages they mention that Tiger includes a new service called launchd. Apparently launchd has the ability to update, stop and restart services without a reboot. I don’t know if this is true, or even if it is whether Apple will implement it. Matt 2004-12-03 12:30 pm I use Apache on all three of the Macs that I use on a daily basis. At work, on my laptop, and on my home machine. I’m a web developer, so maybe I’m an exception to the rule, but I’m quite happy that Apple has included Apache with the standard install. 2004-12-03 1:19 pm Great to see Apple continuing to take security so seriously. Unlike “other” OS makers, where the patches come after embarrassing security breakdowns. 2004-12-03 1:32 pm Is it usual that the OS hangs efter a security update? I still remember comments like this when I was using gnu/linux. “Oh, what a surprice, I can still use my computer.” Just wondering. 2004-12-03 1:56 pm I use apache on my mac, I have it running as a web server, hosting my own site. 2004-12-03 3:45 pm One thing that I noticed after the update is, after I rebooted, my wireless connection stopped working. For some reason all of my wireless settings were gone and I had to reenter them. Not really a problem but it would be nice if the updates could be performed without deleting those settings. Not such a problem for a home user but a company rollout to multiple users could cause problems. 2004-12-03 3:55 pm I had no such problem on my networks. I am completely wireless at home and work, and such have multiple network Locations defined. All of them use 128bit WEP and ACL’s, and the security patch had no adverse affects on any of it. -fp 2004-12-03 6:19 pm I always find it funny how people complain about having to reboot after an upgrade. Our average windows friends have to reboot daily, many times just to load an app. it’s just comical what they are willing to put up with. (And to those of you who are going to reply, “I haven’t rebooted in 18 days on my home built PC.” You are the exception, and you know you are.) 2004-12-03 6:26 pm recently got a powerbook… i highly recommend apple still miss some aspects of BeOS, but OS X easily comes out on top of the current selection of shit, IMHO 2004-12-03 7:30 pm It is not that people are complaining about the reboots except that they should be unnecessary under a UNIX based OS. 2004-12-03 7:54 pm Proactive is nice, but why do we always have to REBOOT after an install? It is not that people are complaining about the reboots except that they should be unnecessary under a UNIX based OS. *ahem* Well, it’s not all that much different than other Unix environments such as Solaris where the system should (and often must) be brought to single user mode before installing a patch cluster, and often do require a reboot, especially if anything relating to the kernel has been modified. Many OS X updates don’t require a reboot, although I will agree that there are some which seem to reqire one unnecessarily. However, please don’t pretend that Unix operating systems never need to be rebooted when updates are installed. Failing to reboot will leave the problems that patches requiring reboots are attempting to solve unremedied. 2004-12-03 7:55 pm Didn’t know that many people made use of Apache that came with OSX. But then, most people on these boards don’t qualify as the average joe user, so I guess I shouldn’t be surprised :-). 2004-12-03 7:57 pm After installation of this update, our primary server seems to lockup every hour or so. The system has been perfectly stable prior to this update. System Log looks like this: localhost lmtpd: auxpropfunc error -1 localhost ctl_cyrusdb: checkpointing cyrus databases localhost ctl_cyrusdb: done checkpointing cyrus databases Then it locks up. no terminal activity, no responses whatsoever. A manual hard boot is required. I have replaced the ram in this machine, and continue to see the same results. Any Ideas? 2004-12-03 8:28 pm “Our average windows friends have to reboot daily, many times just to load an app. it’s just comical what they are willing to put up with. (And to those of you who are going to reply, “I haven’t rebooted in 18 days on my home built PC.” You are the exception, and you know you are.)” Actually most people turn of their computers at night (reguardless of its brand) so they normally get rebooted every day. As for the people who leave them on, I see that most of them have multi-week uptimes even if they are running Windows. So no having a Windows system up for more then a day (or week for that matter) is not an exception to the rule, its perfectly normal. But anyhow on the subject of the story I have to say its nice seeing a company update their operating system before the holes become public and used to attack computers. It shows Apple is really trying to get the reliability factor going for their computers. 2004-12-03 8:37 pm You do not need to reboot many if not most things under Windows XP. You definitely do not have to reboot windows xp for mozilla. Win 98 apps that do not know about windows may prompt you to reboot, but that is actually unnecessary. I would always advise people to use something other than Windows if possible, but saying that Windows requires reboots for normal apps is incorrect. 2004-12-03 8:54 pm “Didn’t know that many people made use of Apache that came with OSX. But then, most people on these boards don’t qualify as the average joe user, so I guess I shouldn’t be surprised :-).” I think most OS X users use it in one way or another whether they know it or not. In System Prefs when you turn Web Sharing on it doesn’t ever mention that it’s Apache. I’d be willing to bet that most people who use it don’t know what it is. 2004-12-03 9:08 pm and the software update blew away my custom setup. of course, i had recompiled 1.3.33 by hand in order to add in an updated version of mod_perl and mod_yasl (YASL scripting language). Fairly simple fix. I just reran the apache src config.status and reinstalled. Good thing I had that laying around. I also have PHP 5 and MySQL on this box… I also haven’t rebooted yet. I did the softwareupdate via command-line. Typically it looks like this: % sudo softwareupdate -i SecUpd2004-12-02Pan-1.0 Password: Software Update Tool Copyright 2002-2003 Apple Computer, Inc. Security Update 2004-12-02: 0…10…20…30…40…50…60…70…80…90…100 Optimizing system performance. This may take a while… Done. You have installed one or more updates that requires that you restart your computer. Please restart immediately. I’ll probably keep on working and wait til about two days from now to reboot, when my coworkers aren’t hooked up to me via afp filesharing. 2004-12-03 10:50 pm Been running Panther for almost a year now and not one Crash or Lockup after an Update. Always works perfectally. 2004-12-03 11:13 pm I have had no problems so far. I have it running on all 4 of my machines and the the whopping two Macs I administer at work. As for the reboot issue. Most *nix’s do not require a reboot for most updates thats true. But it is most often suggested to make sure the new, upgraded apps get loaded. I think this may have been mentioned but not sure. 2004-12-04 2:11 am The problem with windows is that you have to reboot with every piece of software you install, whether it’s mozilla, or security updates to IE. You have to reboot. Rubbish. 2004-12-04 2:15 am Our average windows friends have to reboot daily, many times just to load an app. it’s just comical what they are willing to put up with. This word does not mean what you seem to think it means. (And to those of you who are going to reply, “I haven’t rebooted in 18 days on my home built PC.” You are the exception, and you know you are.) I don’t know _anyone_ who *has* to reboot daily. I know a lot of people who turn their computer off at night, but no-one who actually has to reboot their machine on a regular basis to achieve something. 2004-12-04 7:25 am >>Proactive is nice, but why do we always have to REBOOT after an install? >>It is not that people are complaining about the reboots except that they >>should be unnecessary under a UNIX based OS. Just like you don’t need to reboot Linux after a glibc or kernel update? 2004-12-04 8:11 am glibc, no; when I update glibc on my MDK Cooker box, urpmi restarts a bunch of low-level services and everything carries on working. kernel, yes. Did this change anything in the OS X kernel, though? 2004-12-04 10:22 am apple still needs a better font-rendering engine, something similar to freetype2. that’s the only thing i always complain about, sorry, but somebody has to say this over and over. this time, it’s me. 2004-12-04 1:08 pm Apple’s font rendering doesn’t look bad IMO, but I would put the differences between it and freetype down to taste rather than technical prowess. Personally I DO prefer the crispness of freetype fonts and it would be nice to have a few different settings for font rendering under OS X. 2004-12-04 6:19 pm hm, it doesn’t look bad, but it doesn’t look good either. It’s hard to understand for me that a more *blurry* font-rendering can be a matter of taste, but OK. If someone likes blurry fonts then it must be possible to use them. I simply can’t stare at that blurry fonts while knowing that crisper rendering is technically possible, but (cr)apple doesn’t think it’s neccessary. A typical os-x user, never using other OS, never watching other font-rendering techniques, will be MAY BE satisfied with apples current implemention. I’m not. *sorry eugenia that this is off-topic, but it makes me insane. 2004-12-04 9:21 pm “A typical os-x user, never using other OS” are you serious? you think that the typical OS X user has never used other operating systems? we have to deal with them constantly everyday. that’s why your typical OSX user loves the system so much, it’s a break from the everyday vanilla you always have to deal with. sorry, i don’t mean to sound like i’m biting your head off, but i thought that was a really odd statement 2004-12-04 9:33 pm sorry for that. but fonts still suck. 2004-12-05 7:00 pm I agree that OS X fonts do need work to be on par with Linux. With Ubuntu on my Powerbook, and auto-hinting enabled, the fonts are just beautiful!