• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Atom is Out in Apple's Snow Leopard Security Patch



    Several weeks ago, we revisited the complaint from many Snow Leopard users that their files would be deleted from the home directory after logging into a guest account. At the time, Apple said it was looking into the matter and would have a proposed fix in the near future.

    Tonight, the future has arrived, as Apple has unveiled its latest Snow Leopard update - a security patch that aims to fix a plethora of issues while simultaneously enhancing the general performance of the operating system.

    According to InformationWeek, the Mac OS X 10.6.2 update addresses many of the security vulnerabilities that occur in open source components of Mac OS X, like Apache or Subversion.

    The 10.6.2 update resolves a bug that could lead to the deletion of files in a user's home directory following a Guest account login. It also repairs an unexpected logout issue, a problem with Spotlight search that prevented Exchange contacts from being seen, and numerous other stability and usability issues, as explained on Apple's Web site.
    As already widely reported, the update disables support for X.509 certificates with MD2 encryption "for uses other than trusted root certificates." InformationWeek explains that this move was prompted by a weakness in the MD2 hash algorithm.

    According to the Apple update summary, the update also targets login bypass vulnerability:

    "If an account on the system has no password, such as the Guest account, a user may log in to any account without supplying a password. This update addresses the issue through improved access checks."
    The 473-megabyte update, however, does NOT run on the Intel Atom processor, a further sign that Apple is serious about
    cracking down on those dreaded "Hackintoshes" or netbooks utilizing the infamous Atom chip to illegally run OS X.

    The update, which addresses some forty security vulnerabilities, is now available for download from Apple's website or via Apple's Software Update preference panel.

    Image via Apple
    This article was originally published in forum thread: Atom is Out in Apple's Snow Leopard Security Patch started by Michael Essany View original post