Archive for April, 2007

Are you a lazy browser?

Saturday, April 28th, 2007

So you are the type who can't really be bothered browsing around the web to find out what is going on, or you are just not sure what to look for?

Now there is a service that lets you sit back and watch what others are browsing, and then just click a link if you want the details (the preview is often big enough to read, so you don't even have to click).

Atten.TV turns personal clickstreams into social media. It basically allows people to watch what other people are clicking on, in real-time.

You can be an exhibitionist and broadcast your clickstream to the world - or you can be a voyeur and just watch what others are clicking on.

Give it a go - it is kinda fun. Oh, and by the way: Mac users only…for now at least.

Security Update 2007-004

Friday, April 20th, 2007

Apple has released a comprehensive security update addressing a series of vulnerabilities, mainly at the local user level, but also patching a few remote issues.

Also, this update fixes two previously unresolved MOABs (MOAB-30-01-2007 and MOAB-26-01-2007).

I maintain a status of the issues reported during the “Month of Apple Bugs” - please let me know if I have missed something.

AFP Client

CVE-ID: CVE-2007-0729

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: A local user may obtain system privileges

Description: Under certain circumstances, AFP Client may execute commands without properly cleaning the environment. This may allow a local user to create files or execute commands with system privileges. This update addresses the issue by cleaning the environment prior to executing commands.

AirPort

CVE-ID: CVE-2007-0725

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: A local user may be able to execute arbitrary code with elevated privileges

Description: A buffer overflow vulnerability exists in the AirPortDriver module which processes control commands for AirPort. By sending malformed control commands, a local user could trigger the overflow which may lead to arbitrary code execution with elevated privileges. This issue affects eMac, iBook, iMac, PowerBook G3, PowerBook G4, and Power Mac G4 systems equipped with an original AirPort card. This issue does not affect systems with the AirPort Extreme card. This update addresses the issue by performing proper bounds checking.

CarbonCore

CVE-ID: CVE-2007-0732

Available for: Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: A local user may be able to execute arbitrary code with elevated privileges

Description: The CoreServices daemon could allow a local user to obtain a send right to its Mach task port, which may lead to arbitrary code execution with elevated privileges. This update addresses the issue through improved checks in the CoreServices interprocess communication. This issue does not affect systems prior to Mac OS X v10.4.

diskdev_cmds

CVE-ID: CVE-2007-0734

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: Opening a maliciously-crafted UFS disk image may lead to an unexpected application termination or arbitrary code execution

Description: A memory corruption vulnerability exists in fsck. It is possible to cause fsck to be run automatically on a disk image when it is opened. By enticing a user to open a maliciously-crafted disk image, or to run fsck on any maliciously-crafted UFS filesystem, an attacker could trigger the issue which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of UFS filesystems.

fetchmail

CVE-ID: CVE-2006-5867

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: fetchmail may send passwords in plain text, even when configured to use TLS

Description: fetchmail is updated to version 6.3.6 to fix a vulnerability that could allow authentication credentials to be sent in plain text, despite being configured to use TLS. This issue is described on the fetchmail web site at http://fetchmail.berlios.de/fetchmail-SA-2006-02.txt

ftpd

CVE-ID: CVE-2006-6652

Available for: Mac OS X v10.3.9, Mac OS X v10.4.9

Impact: FTP operations by authenticated FTP users may lead to arbitrary code execution

Description: lukemftpd has been updated to version tnftpd 20061217 to address a buffer overflow vulnerability in the handling of commands with globbing characters that could lead to arbitrary code execution. This issue does not affect Mac OS X Server v10.3.9 or Mac OS X Server v10.4.9. Credit to Kevin Finisterre of DigitalMunition for reporting this issue.

GNU Tar

CVE-ID: CVE-2006-0300

Available for: Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: Listing or extracting a maliciously-crafted tar archive may lead to an unexpected application termination or arbitrary code execution

Description: A buffer overflow vulnerability exists in the handling of PAX extended headers in GNU tar archives. By enticing a local user to list or extract a maliciously-crafted tar archive, an attacker can trigger the overflow which may lead to an unexpected application termination or arbitrary code execution. This issue has been addressed by performing additional validation of tar files. This issue does not affect systems prior to Mac OS X 10.4.

Help Viewer

CVE-ID: CVE-2007-0646

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: Opening a help file with a maliciously-crafted name may lead to an unexpected application termination or arbitrary code execution

Description: A format string vulnerability exists in the Help Viewer application. By enticing a user to download and open a help file with a maliciously-crafted name, an attacker can trigger the vulnerability which may lead to an unexpected application termination or arbitrary code execution. This has been described on the Month of Apple Bugs web site (MOAB-30-01-2007). This update addresses the issue by eliminating any format string processing of file names.

HID Family

CVE-ID: CVE-2007-0724

Available for: Mac OS X v10.4 through Mac OS X v10.4.9, Mac OS X Server v10.4 through Mac OS X Server v10.4.9

Impact: Console keyboard events are exposed to other users on the local system

Description: Insufficient controls in the IOKit HID interface allow any logged in user to capture console keystrokes, including passwords and other sensitive information. This update addresses the issue by limiting HID device events to processes belonging to the current console user. Credit to Andrew Garber of University of Victoria, Alex Harper, and Michael Evans for reporting this issue. This fix was originally distributed via the Mac OS X v10.4.9 update. However, due to a packaging issue it may not have been delivered to all systems. This update redistributes this fix in order to reach all affected systems.

Installer

CVE-ID: CVE-2007-0465

Available for: Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: Opening an installer package with a maliciously-crafted name may lead to an unexpected application termination or arbitrary code execution

Description: A format string vulnerability exists in the Installer application. By enticing a user to download and install an installer package with a maliciously-crafted file name, an attacker can trigger the vulnerability which may lead to an unexpected application termination or arbitrary code execution. This issue has been described on the Month of Apple Bugs web site (MOAB-26-01-2007). This update addresses the issue by eliminating any format string processing of file names. This issue does not affect systems prior to Mac OS X v10.4.
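The Help Viewer and Installer entries describe the same bug class: a file name handed to a format function as the format itself. As an added example (not from this post and not Apple's code), the C below puts the vulnerable pattern beside the fixed one the update describes, using a constructed, harmless file name that merely contains "%%"; the function names and the message text are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Keep the compiler's complaint about the vulnerable line a warning rather
 * than an error: that warning is exactly what a reviewer should look for. */
#pragma GCC diagnostic warning "-Wformat-security"

/* Vulnerable pattern: the untrusted file name IS the format string, so every
 * '%' sequence in it is interpreted by snprintf. With the benign name used
 * below, "%%" collapses to "%"; real conversion directives would make the
 * call read from, or write to, memory the caller never passed in. */
int message_vulnerable(const char *name, char *out, size_t cap) {
    return snprintf(out, cap, name);
}

/* Fixed pattern, as the update describes it: the name receives no format
 * processing at all because it is only ever a %s argument to a literal
 * format string. */
int message_fixed(const char *name, char *out, size_t cap) {
    return snprintf(out, cap, "Opening %s", name);
}

/* Review aid: any '%' in untrusted text that reaches a format parameter is
 * a finding. Returns 1 if `s` contains one, else 0. */
int contains_format_directive(const char *s) {
    return strchr(s, '%') != NULL;
}

int main(void) {
    /* Constructed file name: ordinary text that happens to contain "%%". */
    const char *name = "save 100%% done.txt";
    char buf[128];

    message_vulnerable(name, buf, sizeof buf);
    printf("vulnerable: %s\n", buf);      /* save 100% done.txt (altered) */
    message_fixed(name, buf, sizeof buf);
    printf("fixed:      %s\n", buf);      /* Opening save 100%% done.txt */
    return 0;
}
```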

Kerberos

CVE-ID: CVE-2006-6143

Available for: Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: Running the Kerberos administration daemon may lead to an unexpected application termination or arbitrary code execution with system privileges

Description: An uninitialized function pointer vulnerability exists in the MIT Kerberos administration daemon (kadmind), which may lead to an unexpected application termination or arbitrary code execution with system privileges. Further information on the issue and the patch applied is available via the MIT Kerberos website at http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2006-002-rpc.txt. This issue does not affect systems prior to Mac OS X v10.4. Credit to the MIT Kerberos Team and an anonymous researcher working with iDefense for reporting this issue.

Kerberos

CVE-ID: CVE-2007-0957

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: Running the Kerberos administration daemon or the KDC may lead to an unexpected application termination or arbitrary code execution with system privileges

Description: A stack buffer overflow vulnerability exists in the MIT Kerberos administration daemon (kadmind), as well as the KDC, which may lead to an unexpected application termination or arbitrary code execution with system privileges. Further information on the issue and the patch applied is available via the MIT Kerberos website at http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-002-syslog.txt. Credit to the MIT Kerberos Team for reporting this issue.

Kerberos

CVE-ID: CVE-2007-1216

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: Running the Kerberos administration daemon may lead to an unexpected application termination or arbitrary code execution with system privileges

Description: A double-free vulnerability exists in the GSS-API library used by the MIT Kerberos administration daemon (kadmind), which may lead to an unexpected application termination or arbitrary code execution with system privileges. Further information on the issue and the patch applied is available via the MIT Kerberos website at http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-003.txt. Credit to the MIT Kerberos Team for reporting this issue.

Libinfo

CVE-ID: CVE-2007-0735

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: Visiting malicious websites may lead to an unexpected application termination or arbitrary code execution

Description: In some cases, Libinfo does not correctly report errors to applications that use it. By enticing a user to visit a maliciously-crafted web page, an attacker can cause a previously deallocated object to be accessed, which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing appropriate error reporting in Libinfo. Credit to Landon Fuller of Three Rings Design for reporting this issue.

Libinfo

CVE-ID: CVE-2007-0736

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: Remote attackers may be able to cause a denial of service or arbitrary code execution if the portmap service is enabled

Description: An integer overflow vulnerability exists in the RPC library. By sending maliciously-crafted requests to the portmap service, a remote attacker can trigger the overflow which may lead to a denial of service or arbitrary code execution as the ‘daemon’ user. This update addresses the issue by performing additional validation of portmap requests. Credit to the Mu Security Research Team for reporting this issue.

Login Window

CVE-ID: CVE-2007-0737

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: A local user may obtain system privileges

Description: Login Window does not sufficiently check its environment variables. This could allow a local user to execute arbitrary code with system privileges. This update addresses the issue through improved validation of Login Window environment variables.

Login Window

CVE-ID: CVE-2007-0738

Available for: Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: The screen saver authentication dialog may be bypassed

Description: Under certain conditions, the user’s preference to “require a password to wake the computer from sleep” is ignored, and a password is not required to wake from sleep. This update addresses the issue through improved handling of this preference.

Login Window

CVE-ID: CVE-2007-0739

Available for: Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: The loginwindow authentication dialog may be bypassed

Description: Under certain conditions, the software update window may appear beneath the Login Window. This could allow a person with physical access to the system to log in without authentication. This update addresses the issue by only running scheduled tasks after the user login. This issue does not affect systems prior to Mac OS X v10.4.

network_cmds

CVE-ID: CVE-2007-0741

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: Remote attackers may be able to cause a denial of service or arbitrary code execution if Internet Sharing is enabled

Description: A buffer overflow vulnerability exists in the handling of RTSP packets in natd. By sending malformed RTSP packets, a remote attacker may be able to trigger the overflow which may lead to arbitrary code execution. This issue only affects users who have Internet Sharing enabled. This update addresses the issue by performing additional validation of RTSP packets.

SMB

CVE-ID: CVE-2007-0744

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: A local user may obtain system privileges

Description: Under certain circumstances, SMB may execute commands without properly cleaning the environment. This may allow a local user to create files or execute commands with system privileges. This update addresses the issue by cleaning the environment prior to executing commands.

System Configuration

CVE-ID: CVE-2007-0022

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: Local admin users may execute arbitrary code with system privileges without authentication

Description: Admin users have the ability to alter system preferences through the writeconfig utility. When the writeconfig utility launches the launchctl utility, it does not clean the environment inherited from the user. This could allow arbitrary code execution with system privileges without authentication. This issue has been described on the Month of Apple Bugs web site (MOAB-21-01-2007). This update addresses the issue by cleaning the environment before calling the launchctl utility.

URLMount

CVE-ID: CVE-2007-0743

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: A local user may obtain other users’ authentication credentials

Description: The username and password used to mount remote filesystems through connections to SMB servers are passed to the mount_smb command as command line arguments, which may expose them to other local users. This update addresses the issue by securely passing the authentication credentials to the mount_smb command. Credit to Daniel Ball of Pittsburgh Technical Institute, Geoff Franks of Hauptman Woodward Medical Research Institute, and Jamie Cox of Sophos Plc for reporting this issue.

VideoConference

CVE-ID: CVE-2007-0746

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: Remote attackers may be able to cause an unexpected application termination or arbitrary code execution if iChat is running.

Description: A heap buffer overflow vulnerability exists in the VideoConference framework. By sending a maliciously-crafted SIP packet when initializing an audio/video conference, an attacker can trigger the overflow which may lead to arbitrary code execution. This update addresses the issue by performing additional validation of SIP packets.

WebDAV

CVE-ID: CVE-2007-0747

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9

Impact: A local user may obtain system privileges

Description: When mounting a WebDAV filesystem, the load_webdav program may be launched without properly cleaning the environment. This may allow a local user to create files or execute commands with system privileges. This update addresses the issue by cleaning the environment prior to executing commands.
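"Cleaning the environment prior to executing commands" is the fix named for AFP Client, SMB, WebDAV, Login Window and System Configuration (writeconfig calling launchctl). As an added example (not from this post and not Apple's code), the C below shows what that looks like in a privileged helper: a fresh environment built from an allowlist and handed to execve(), instead of the caller's inherited one. The allowlist, the fixed PATH and the sample caller environment are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Supplied by the helper itself; the caller's PATH is never trusted. */
static char safe_path[] = "PATH=/usr/bin:/bin:/usr/sbin:/sbin";

/* The only variable names a caller may pass through (assumed allowlist). */
static const char *const allowed_names[] = { "TZ", "LANG", "LC_ALL", NULL };

/* 1 if `entry` is NAME=value with an allowlisted NAME and a value free of
 * control characters, else 0. */
static int entry_allowed(const char *entry) {
    const char *eq = strchr(entry, '=');
    if (eq == NULL || eq == entry) return 0;
    size_t nlen = (size_t)(eq - entry);
    for (int i = 0; allowed_names[i] != NULL; i++) {
        if (strlen(allowed_names[i]) != nlen ||
            strncmp(allowed_names[i], entry, nlen) != 0)
            continue;
        for (const char *p = eq + 1; *p != '\0'; p++)
            if ((unsigned char)*p < 0x20 || *p == 0x7f) return 0;
        return 1;
    }
    return 0;
}

/* Builds a NULL-terminated environment in `out` (capacity `cap`) from the
 * caller's `inherited` one: the fixed PATH first, then only allowlisted
 * entries. Everything else, including loader-controlled variables such as
 * DYLD_* on Mac OS X, is dropped. Returns the entry count, or -1 if `out`
 * is too small. */
int build_clean_env(char **inherited, char **out, size_t cap) {
    size_t n = 0;
    if (cap < 2) return -1;
    out[n++] = safe_path;
    for (size_t i = 0; inherited[i] != NULL; i++) {
        if (!entry_allowed(inherited[i])) continue;
        if (n + 1 >= cap) return -1;       /* keep room for the terminator */
        out[n++] = inherited[i];
    }
    out[n] = NULL;
    return (int)n;
}

/* 1 if a variable called `name` is present in `env`, else 0. */
int env_has(char **env, const char *name) {
    size_t nlen = strlen(name);
    for (size_t i = 0; env[i] != NULL; i++)
        if (strncmp(env[i], name, nlen) == 0 && env[i][nlen] == '=') return 1;
    return 0;
}

/* Constructed caller environment: what a local user could hand a setuid
 * helper. Only TZ survives the cleaning; PATH is replaced by safe_path. */
char *sample_caller_env[] = {
    "PATH=/tmp/untrusted:/usr/bin",
    "HOME=/Users/alice",
    "DYLD_INSERT_LIBRARIES=/tmp/untrusted.dylib",
    "TZ=Europe/Copenhagen",
    "LANG=en_US.UTF-8\n",                 /* control character: rejected */
    NULL
};

int main(void) {
    char *clean[16];
    int n = build_clean_env(sample_caller_env, clean, 16);
    for (int i = 0; i < n; i++) puts(clean[i]);
    /* A real helper would now call execve(path, argv, clean) rather than
     * system() or execv(), both of which pass on the inherited environ. */
    return n < 0;
}
```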

WebFoundation

CVE-ID: CVE-2007-0742

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9

Impact: Cookies set by subdomains may be accessible to the parent domain

Description: An implementation issue allows cookies set by subdomains to be accessible to the parent domain, which may lead to the disclosure of sensitive information. This update addresses the issue by performing additional validation of the domain to which a cookie is being sent. This issue does not affect systems running Mac OS X v10.4. Credit to Bradley Schwoerer of University of Wisconsin-Madison for reporting this issue.

I have installed the update with no problems - the update required a restart of the machine. When you restart it does take a bit of time - and the machine may restart itself a second time before it starts up again after the update. As usual it is a good idea to repair permissions before and after the update.

Get it from Apple Support Downloads or via your Software Update.

This is a 37.6 MB download.

Apple will be able to enjoy BBC content on iPlayer

Thursday, April 19th, 2007

The BBC’s plans for the iPlayer were put on hold earlier this year after its regulator, the BBC Trust, asked the corporation to look at whether the iPlayer should be platform agnostic. Today the BBC announced that “iPlayer will be re-engineered to work with Macs.”

Mr Highfield said Apple’s “proprietary and closed framework for digital rights management gives us headaches,” but, “it is one of our top priorities to re-engineer our proposed BBC iPlayer service to work on Macs”.

Yeah, complaining is fine - as long as they get it done!

Source: BBC

Automatic update of all your apps

Sunday, April 15th, 2007

One of the things I keep forgetting is to update my applications - particularly those I do not use that frequently.

AppFresh helps you update all your applications - and at the same time it gives you a nice overview of what is on your machine, which is a good opportunity to clean up a bit.

As the product is still a preview version - I ran the updates manually - but it worked remarkably well.

AppFresh is a utility that keeps all applications on your Mac up to date by checking the internet for new releases, and makes downloading and installing them a breeze.

AppFresh covers software updates from Apple and third parties and can be used as a replacement for Apple’s own Software Update application to provide one central place to make sure you’re up to date.

Try it out - I am sure you will find it pretty useful.

3 new “Get a Mac” adverts

Saturday, April 14th, 2007

Apple has released 3 new adverts this past week:

Stuffed

Flashback

Computer Cart

See them all here

Leopard delayed until October

Friday, April 13th, 2007

Apple has announced that the release of Mac OS X 10.5 Leopard will be delayed until October due to the development of iPhone.

iPhone contains the most sophisticated software ever shipped on a mobile device, and finishing it on time has not come without a price — we had to borrow some key software engineering and QA resources from our Mac OS® X team, and as a result we will not be able to release Leopard at our Worldwide Developers Conference in early June as planned.

Apple stated that while Leopard will be feature-complete by the WWDC event in June, they could not “deliver the quality release that we and our customers expect from us.” Developers attending the WWDC event will be given a “near-final” beta copy of Leopard in June.

Apple Statement
iPhone has already passed several of its required certification tests and is on schedule to ship in late June as planned. We can’t wait until customers get their hands (and fingers) on it and experience what a revolutionary and magical product it is. However, iPhone contains the most sophisticated software ever shipped on a mobile device, and finishing it on time has not come without a price — we had to borrow some key software engineering and QA resources from our Mac OS X team, and as a result we will not be able to release Leopard at our Worldwide Developers Conference in early June as planned. While Leopard’s features will be complete by then, we cannot deliver the quality release that we and our customers expect from us. We now plan to show our developers a near final version of Leopard at the conference, give them a beta copy to take home so they can do their final testing, and ship Leopard in October. We think it will be well worth the wait. Life often presents tradeoffs, and in this case we’re sure we’ve made the right ones. [Apr 12, 2007]

New AppleTV advert

Wednesday, April 11th, 2007

Apple has released a new TV commercial for the AppleTV.

Check it out

AppleTV on a standard projector

Sunday, April 8th, 2007

I got hold of what is known as a “Vesa” cable from RAM Electronics and succeeded in getting my AppleTV working with a standard Toshiba projector; together with the Apple Hi-Fi it is really a great solution.

The picture quality is surprisingly good despite what is probably equivalent to a 90″ screen size, and hooked up to the new AirPort Extreme using 802.11n, buffering is nearly eliminated.

The only downside I have found is that when you navigate up and down with the Apple remote you also turn the sound up and down (and yes, I know others are complaining they can not control the sound) - not sure which is better?!

Component Video is Y-Pr-Pb encoded video, which is different from non-encoded RGB and RGB/HV. The device to which the “VGA” connector is connected needs to support Component video (Y-Pr-Pb) for this type of cable to work. This is common for projectors. Some other displays also support Y-Pr-Pb through the HD15 (VGA) connector. Check your plasma, projector or HDTV manual, otherwise your picture will be extremely ugly and possibly won’t have sync! In this case you need a “transcoder”.

8-core Mac Pro released

Wednesday, April 4th, 2007

The latest addition to the Mac Pro family: the world’s first 3.0GHz, 8-core Intel Xeon-based Mac Pro. The 8-core Mac Pro uses a pair of “Clovertown” quad-core Xeons and is only available at 3.0GHz.

Opt for the 8-core Mac Pro and you get the power of two Quad-Core Intel Xeon “Clovertown” processors running at 3.0GHz. Or choose a quad-core Mac Pro featuring two Dual-Core Intel Xeon “Woodcrest” processors and decide how fast they fly: 2.0GHz, 2.66GHz, or 3.0GHz. At 3.0GHz, the quad-core Mac Pro runs up to 2x faster than the Power Mac G5 Quad.

www.apple.com/macpro

The prices on Cinema Displays have been reduced - I was actually expecting a new Cinema Display with iSight built in - but I guess that might still come, and could be the reason for the price cut of the current line-up?

Google Desktop for Mac

Wednesday, April 4th, 2007

Google has launched its popular Desktop application for the Mac. Google Desktop makes searching your computer as easy as searching the web with Google.

Two taps on the Command key bring up a search window - as soon as you start typing, Google begins showing results, whether it’s a document or an application - just like Spotlight, but it appears to be a lot faster.

Maybe Apple will be using Google search technology in Leopard?

“We designed Google Desktop for Mac to be a companion for Spotlight,” said Rose Yao, Google Desktop for Mac Product Manager. “Google Desktop searches users’ Web history and you can set it up to search Gmail too.”

It’s a desktop search application that provides full text search over your email, files, music, photos, chats, Gmail, web pages that you’ve viewed, and more. By making your computer searchable, Desktop puts your information easily within your reach and frees you from having to manually organize your files, emails and bookmarks.

The Install page gave a 404 when I checked - but I would expect it to be fixed really soon. You can try it out from:

desktop.google.com/en/mac - and if the install link is not working then you can try this