Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Patch/Configuration Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Apple distributes Leopard update

Apple this week released three patches for OS X version 10.5 – also known as Leopard – fixing issues in Application Firewall.

The patches are the first security distribution specifically for the latest version of OS X, released in late October.  

Apple disclosed that one issue in Application Firewall creates a situation where the "block all incoming connections" setting for the firewall is misleading, which could result in the exposure of network services.

The patch changes that description to “only allow essential services” for a limited number of processes.
Apple also fixed Application Firewall to correctly block incoming connections. An issue had caused processes “running as user root" to receive incoming connections, even if those processes should have been marked to block such connections, according to Apple's latest security advisory.

Apple also updated Application Firewall so that setting changes take place immediately after they are implemented, not after the application is restarted.

In the most patch-heavy week in memory for Apple, the Cupertino, Calif.-based company released updates OS X version 10.4.11 and Safari 3 Beta on Wednesday, and iPhone and iPod Touch versions 1.1.2 on Monday.


Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.