Get the E-Commerce Minute Newsletter from the E-Commerce Times » View Sample | Subscribe
Welcome Guest | Sign In
ECTNews.com
Ideoclick eBook
E-Commerce Times TechNewsWorld CRM Buyer LinuxInsider

Apple Goes Gaga on Security With OS X Update

By Richard Adhikari MacNewsWorld ECT News Network
May 13, 2009 12:51 PM PT

With the release of Mac OS X 10.5.7 Wednesday, Apple appears to have acknowledged a raft of security issues surrounding its operating system.

Apple Goes Gaga on Security With OS X Update

The latest updated version of the Mac operating system addresses bugs, improves support, and contains 47 security fixes, by the count of security software vendor Intego.

The package include updates to the OS, core graphics and the iChat video chat client, as well as to the Safari browser.

10.5.7 Security Updates

Apple recommends that users of Mac OS X 10.5, also known as "Leopard," install Mac OS X 10.5.7, which includes general operating system fixes that enhance its stability, compatibility and security.

The scope of the 47 security fixes spotlighted by Intego ranges from Apache to X-11 by way of core graphics, disk images, Flash Player, iChat and PHP, among others. Apple is also bundling a Flash player update into its own security update, according to the security firm.

"Somebody at Apple appears to get the fact that the Mac platform has been lagging the industry in terms of security," Charles King, principal at Pund-IT, told MacNewsWorld.

Apple did not respond to requests for comment by press time.

Safari and Security

Apple's Safari browser, once touted as the fastest on the Web, has also been upgraded to fix security vulnerabilities.

The update to the public beta version of Safari 4 fixed three problems, according to Intego; Apple's update of Safari 3.2.3 addressed the same three issues.

The updates are for computers running Mac OS X 10.4.11, Mac OS X 10.5.7, Microsoft Windows XP and Windows Vista, Apple said.

Security Issues With 10.5

The Mac and the iPhone have become more prevalent in the enterprise, which could make Apple software a larger target for hackers. This year, Apple products were dealt several security blows, according to security software vendor SecureMac.

iBotNet, also known as the "iServices Trojan Horse botnet," hit Mac users in April. In March, proofs of concept for six kernel vulnerabilities, five of which affect Mac OS X 10.5.6, were made public. Around the same time, two new variants of the DNSChanger Trojan horse, which is disguised as an installer for "MacCinema," emerged, SecureMac said.

"Every time Apple gains another point of market share it becomes a bigger target for hackers, and it's definitely in high-value territory," Pund-IT's King said.

A New Approach Needed?

The Mac OS X 10.5.7 upgrade is typical of Apple's approach to upgrades, said Clint Ruoho, chief technology officer at professional security services firm Laconic Security.

"Unlike Microsoft, which releases security fixes on the month, Apple will roll up their fixes and release them on an undetermined schedule," Ruoho told MacNewsWorld.

That has caused problems as Apple products push into the enterprise. "Apple takes a lot of flak for its approach to updates from enterprise customers," Ruoho said. "Enterprises rely on more or less a set development schedule where they know when the patches come out."

Apple needs to change its approach as it continues to target corporate America, Ruoho said.

New Leopard at WWDC

At its Worldwide Developers Conference, to be held in San Francisco in June, Apple will offer in-depth sessions on the next version of Mac OS X, code named "Snow Leopard."

Apple has touted Snow Leopard as an even more powerful and refined version of OS X that will be the foundation for future Macs.

The keynote address will be given by a team of Apple executives, led by Philip Schiller, Apple's senior vice president of marketing.

This will be Schiller's second time delivering a keynote speech at a major Apple event. In January, he delivered the keynote for the Macworld Expo, held in San Francisco. CEO Steve Jobs, meanwhile, remains on medical leave. He is expected to return to Apple's helm later in June, company officials have said.


Are you willing to pay a subscription fee to Twitter?
Yes - Twitter is an important tool for my organization. Paying for a subscription is an easy business decision for us.
Yes - I use the platform frequently and want access to every available feature.
Possibly - It depends on which features will be offered and what those will cost.
No - I will only use Twitter for services that are available free of charge.
No - I don't use Twitter for free, so I'd never consider a paid subscription.