Apple fixes flawed Leopard
RED-FACED APPLE has admitted that its Leopard operating system has an ancient version of Java that's an open door to hackers.
The Java flaw is important and the patch can be downloaded from Apple. Basically it allows a hacker to take control of the user's machine if they visit a dodgy webpage. Normally Apple waits six months before releasing Java security patches, so it must have thought this one was bad.
What is less amusing is that Apple has shafted those people who are still using Tiger by not providing a patch for the older operating system. Perhaps the idea is that it will force people to pay their Apple tax to upgrade. Of course in the case of Snow Leopard it also means that it will break all those Tiger machines which use non-Intel chips, so it is a win-win for Jobs' Mob.
The patch updates Leopard to Java versions 1.6.0_15, 1.5.0_20, and 1.4.2_22, which Java creator Sun Microsystems released on 5th August.
Apple, which has been flogging its own products on the basis that they are more secure than Microsoft, is fast becoming the laughing stock of the security industry.
The Cappuccino-based outfit seems to have rushed to gets its Snow Leper out the door in a desperate bid to put a spoiler on Windows 7's launch. Not only do some important applications fail to work because third party developers were not ready, but it seems that Snow Leopard shipped with known security holes.
It turns out that Apple shipped Snow Leopard with an old version of Adobe's Flash Player that leaves users vulnerable to software exploits embedded in dodgy Flash videos.
Sophos' media friendly insecurity analyst Graham Cluley said in his blog that Mac users who applied security patches did not deserve to have their security downgraded because they upgraded to Snow Leopard. µ
Share this:
ShareBusiness Intelligence Software
Customer Relationship Management (CRM)
Enterprise Accounting Software
Enterprise Resource Planning (ERP)
Enterprise Systems Management
Did the author intend to refer to Apple's latest release as "Snow Leper?"
The link to the Apple Java update is for 10.5 (Leopard), not 10.6 (Snow Leopard).
No point slagging off Apple about Snow Leopard if you don't even know that it's 10.6. The security release you are referring to is 10.5. Honestly Nick, you should take a deep breath before you slip into your default auto-Apple-bashing mode. In this case, default lies with you
...this Java update is for Leopard.
Nick .... sounds like you need to repent and get a mac.
"Cappuccino-based outfit"
Do Apple employees drink large amounts of coffee....or did you mean Cupertino, the California location of Apple headquarters?
"News, reviews, facts and friction?" That is a sad joke. I feel like I am reading the Onion, not a Sci/Tech news item. Google should not give the Inquirer space on their news feed, as there is no integrity, accuracy or even professionalism. This "article" is like some highschooler trying to start a flame war. How lame.
Clearly a bias is shown in this writer. Get someone else please!
Leopard != Tiger?
So you have to upgrad from Tiger.. ? If you would like to stick secure.
"Apple is fast becoming the laughing stock of the security industry"? "a desperate bid to put a spoiler on Windows 7"? <lol
Nick, get a grip. Non-fiction articles are not your forte...try a Harry Potter novel.
MacOS is attack-proof. Which means that no matter how flawed and glitched are the softwares that you run under it, MacOS will protect its user against everything, even the potentially dangerous behavior of the user himself, his wife, his mother or his children.
Even if you intentionally try to run some nasty malware, it will beat such little pest into submission and convince it to act in some way that benefit its wealthy and technologically unproficient user.
Therefore you don't need to upgrade your system. Upgrade your faith... And your salary.
The Author is obviously a complete moron.
Fine if your going to slag the os down, but for christ sake get your facts correct. and try to wipe that silly smug look off your face.
"MacOS is attack-proof. Which means that no matter how flawed and glitched are the softwares that you run under it, MacOS will protect its user against everything, even the potentially dangerous behavior of the user himself, his wife, his mother or his children."
Thank god :-)
Nick, you just killed all your efforts to put your flawed opinion forth because of bad research.
Some people are so eager to be Superman, they forget to wear the leggings below the undies.
Why is everybody up and arms about writing the wrong version? the truth is that the OS has a flaw and you all crybabies need to go and patch it (no big deal). But not, you all feel like trashing the guy just to make you unsecured egos feel better.
Everyone is getting so worked up over the flash "security hole". If you get a virus from that, you deserve it, because you're probably surfing some hacking/pr0n website.
No, I'm not a mac zealot (forgive me my sins, Saint Steve). There will never be an OS that is perfect - someone will always be able to find a vulnerability and exploit it. MacOS is no exception. I just hate journalism that latches on to weak stories and won't let them go. This flash bug has been on every stinkin' site and people won't shut up about it. Patch your system and move on, crybabies.
@MacInnes, Nick Ferret is just a vole in disguise. He's in Micro$oft's pocket, if you read the treatment he gives to M$ in articles he's written about their security flaws versus the ones he's written about Apple it should be painfully obvious.
"Clearly a bias is shown in this writer. Get someone else please!"
I know, the bias is terrible - at least Apple always offers bias free reporting we can depend on!!
...apple fanboys don't know how to read- come to this site only to rant.
Article made sense to me, I don't know what you people are smoking. And yes, I'm a mac user (I just don't drink the kool-aid).
Anything that can be engineered can be reverse-engineered. You bash the author then you make a ridiculous comment like that. Typical MACite comment.
@Hegemon
Ludicrous.. security holes like that should be fixed regardless of what half-baked idea you hvae of the walled garden where only exploit implementing software lives.
@hfm
Learn to read. I never said that security holes shouldn't be fixed. If you look at Apple/Mac blogs and websites, they post articles about it and act like the sky is falling. Now if the OS had shipped with a list a mile long of things that needed patched, I could understand a little hype.
So the OS got shipped with an old Flash version. There's a newer one out. Patch it. Move on. Big deal.
Drying in the cold sun
Watching as the frilly Snow Lepers run
Apple-lung my friend
don't start away uneasy
you poor old sod, you see, it's only a Cup o'tea, no?
Who would be a poor man, a beggarman, a thief, if he had a rich man in his hand?
if he could take it from the money man__ Cross-eyed Leper goes jumping in again on expense accounted cruel.
Laughing in the playground - gets no kicks from little fanboys:
would rather make it with a letching grey.
Or maybe their attention is drawn by Apple-lung, who watches through the railings as they pray.
Cross-eyed Leper finds it hard to get along, and she'll do it for a iTunes song.
Do you still remember
December's foggy freeze
when the Snow that
clings on to your Leper is
screaming agony.
Journalist flavoured hack writes another anti-Apple flavoured story.
It's bordering on boring now, and it does mean I almost never read Apple themed stories from this site because I can do without the childish crap contained in Mr Farrells articles.
There's being provocative and there's sounding like a 7 year old.
@Macs are attack proof. - You are insanse.
See? See? It's NOT perfect!
So There! Take THAT you smug Mac Users.
Ha!
(seriously man.... grow up.)
Nick watch out!!
The over-sensitive MacYaheddin will declare easily declare Holy War in defence of the true faith of the Bitten Apple and for Steve Jobs his prophet. Before you know it they will sent suicide warriors wearing malfunctioning Iphone vests.
I just installed Snow Leopard over Leopard (the disk arrived earlier this week and was waiting for me upon return from holiday).
I opened a terminal console and entered java -version and it responded with:
java version "1.6.0_15"
Java(TM) SE Runtime Environment (build 1.6.0_15-b03-219)
Java HotSpot(TM) 64-Bit Server VM (build 14.1-b02-90, mixed mode)
Nuf sed.
I would really enjoy to know why the Enquirer does not like Apple.
Tmlcky
Everyone is griping about an article written about how Apple doesn't take security seriously. This has been the case for a very long time. You really have to ask yourself what the hell was going on at Apple that could have made BSD so insecure.
Ohs Nos, the 6 eMacs I have all running Tigger will soon be hi-jinxed so bad guys can see what kind of porn my kids are viewing...
Or they will be used in the first Mac-only bot-net.
PAleez...
standards of editorial. Nick is at the same level of Charlie Demimakeshitupen. Hopefully he leaves and starts his own little mickey mouse site too. I think he should call it "irant".
BTW First Mac botnet suspected earlier this year.
http://arstechnica.com/apple/news/2009/04/evidence-suggests-first-zombie-mac-botnet-is-active.ars