or Connect
AppleInsider › Forums › Software › Mac OS X › Apple's Mountain Lion to offer automatic security updates
New Posts  All Forums:Forum Nav:

Apple's Mountain Lion to offer automatic security updates

post #1 of 32
Thread Starter 
It was revealed on Monday that Apple's upcoming OS X Mountain Lion will feature an automatic security check feature that will ensure users have the most up-to-date software protection amid a growing number of Mac-targeted malware.

An update to the Mountain Lion Developer Preview shows a new automated system that runs a daily check with Apple's servers to make sure OS X 10.8 users have the most current security patches and protections against known malware and viruses.

Called "OS X Security Update Test 1.0," the automated feature will run either daily or whenever a Mac restarts and has the ability to download and install updates in the background, making the task of manually performing checks less of a necessity.

The new feature also creates a "more secure connection" to Apple's servers possibly hinting to new encryption technology or more stringent default settings. Also included are the usual stability and general updates for the operating system set for launch in July.

Security Update


Apple is making security a priority in the next iteration of OS X to counter new threats that continue to crop up as Macs gain a larger user base. In April the highly-publicized Flashback trojan used a Java exploit to spread onto an estimated 600,000 Macs around the world prompting Apple to release both a Java disabler for Safari and a standalone malware uninstaller.

Security Update Install
Mountain Lion Developer Preview 4 Security Update loading screen.


In a related action, Apple notedly toned down the language of its OS X webpage, changing the statement that the Mac "doesn't get PC viruses" to "It's built to be safe."

Coming exactly one week after OS X Mountain Lion Developer Preview 4 was released, the new Security Update is available through the Mac App Store and comes in at 1.15 GB.
post #2 of 32
Installed pretty quickly for me, I kind of like the new look when receiving updates...
post #3 of 32

12.06.25-ML4SU-2.JPG

 

 

 

The multicolored moire is very trippy, but is this a professional looking photo?

 

With all due respect, hire a goddamned photographer, AI.

post #4 of 32
Quote:
Originally Posted by JerrySwitched26 View Post

 

The multicolored moire is very trippy, but is this a professional looking photo?

 

With all due respect, hire a goddamned photographer, AI.

As soon as you pay your Apple Insider membership fees.


Edited by elroth - 6/25/12 at 4:31pm
post #5 of 32
Quote:
Originally Posted by JerrySwitched26 View Post

LL



The multicolored moire is very trippy, but is this a professional looking photo?

With all due respect, hire a goddamned photographer, AI.

Where is the thumbs down button........
post #6 of 32
533
"That’s brilliant. I can see this annoying some people, but what doesn’t these days?" - PMZ
Reply
"That’s brilliant. I can see this annoying some people, but what doesn’t these days?" - PMZ
Reply
post #7 of 32
Quote:
Originally Posted by elroth View Post

As soon as you pay your Apple Insider membership fees.

 

Bwahahaha.  Touché :)

post #8 of 32
Every so often I think about trying to take a screenshot of something outside my user account because I've always wondered where those files go. Probably on Users/root/Desktop…

Originally Posted by helia

I can break your arm if I apply enough force, but in normal handshaking this won't happen ever.
Reply

Originally Posted by helia

I can break your arm if I apply enough force, but in normal handshaking this won't happen ever.
Reply
post #9 of 32
1) Interesting that this comes on the heels of the new wording about Mac security.

2) I wish the Software Updater would list the size of the update before I click Update. I wasn't expecting 1.16GB which tells me there are many large changes being made to the system.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #10 of 32
Quote:
Originally Posted by SolipsismX View Post

2) I wish the Software Updater would list the size of the update before I click Update. I wasn't expecting 1.16GB which tells me there are many large changes being made to the system.

Agreed. Hopefully they'll return the filesize to a pre-click viewable item.

The description mentions it also made changes to the system as a whole, but I only know of it doing a delta update to Mail (had to "update my inbox" again).

Originally Posted by helia

I can break your arm if I apply enough force, but in normal handshaking this won't happen ever.
Reply

Originally Posted by helia

I can break your arm if I apply enough force, but in normal handshaking this won't happen ever.
Reply
post #11 of 32
Quote:
Originally Posted by SolipsismX View Post

1) Interesting that this comes on the heels of the new wording about Mac security.
2) I wish the Software Updater would list the size of the update before I click Update. I wasn't expecting 1.16GB which tells me there are many large changes being made to the system.

 

Did you do the update via the App store?

 

If you do, it lists the update, a short description, file size, etc...

 

Most of that 1.16GB is probably just a list of all the known viruses coming on the MAC OS X system.

 

So I've been reliably told...

 

<snigger>

"That’s brilliant. I can see this annoying some people, but what doesn’t these days?" - PMZ
Reply
"That’s brilliant. I can see this annoying some people, but what doesn’t these days?" - PMZ
Reply
post #12 of 32
Quote:
Originally Posted by GTR View Post

Did you do the update via the App store?

If you do, it lists the update, a short description, file size, etc...
Mine just listed the description and name until I hit Update and then it shows me the file size and progress in a bar to the right side.

Quote:
Most of that 1.16GB is probably just a list of all the known viruses coming on the MAC OS X system.

So I've been reliably told...

😷

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #13 of 32
Apple insider membership fees are paid upfront everytime we visit this site & view all the pretty ad content. Like the iAd for Chase Bank… er… now a TNT advert… oh, wait, back to Chase again…
Cheers !
Reply
Cheers !
Reply
post #14 of 32
Quote:
Originally Posted by GTR View Post

533

 

 

Naw.  Just hit PrntScrn.  The screenshot will be on the clipboard.

 

 

Untitled.jpg

post #15 of 32
Quote:
Originally Posted by JerrySwitched26 View Post

Naw.  Just hit PrntScrn.  The screenshot will be on the clipboard.

Connie, I'm not sure what world you live in or in what world you think we live, but…

Originally Posted by helia

I can break your arm if I apply enough force, but in normal handshaking this won't happen ever.
Reply

Originally Posted by helia

I can break your arm if I apply enough force, but in normal handshaking this won't happen ever.
Reply
post #16 of 32
Quote:
Originally Posted by JerrySwitched26 View Post

 

 

Naw.  Just hit PrntScrn.  The screenshot will be on the clipboard.

 

 

Untitled.jpg

 

I'd hate to be the bearer of bad tidings, but you just went and posted something silly.

 

Sarcasm: It's not for everybody.

 

Time to switch to a different username again to avoid embarrassment?

"That’s brilliant. I can see this annoying some people, but what doesn’t these days?" - PMZ
Reply
"That’s brilliant. I can see this annoying some people, but what doesn’t these days?" - PMZ
Reply
post #17 of 32
So, the most most secure commercial operating system in widespread use, Apple OS X 10.7 Lion, will be even more secure with release of the latest version.

Apple offers a Software Update control panel within the Mac App Store for automatic download and installation of Apple system software updates.

Apple provides a clear indication when installing software from third party sources on the Internet. Apple requires an administrator password when installing software unless the software is signed and installed from the Mac App Store although the Mac App Store requires the Apple iTunes username and password to purchase software.

Java Runtime (OpenJDK Project for Java on Mac OS X updates available from Oracle) and Adobe Flash (updates available from Adobe) are no longer bundled applications beginning with Mac OS X 10.7 Lion. The removal of Adobe Flash and Java Runtime remove a large number of potential exploits.

Application Sandboxing (Safari, for example, has now been divided into two processes that separate the browser's user interface and other functions from the part that parses JavaScript, images, and other web content) prevents applications from executing code in other applications.

Apple maintains a non-published list of possibly fraudulent websites which may optionally be used for warning users when visiting such websites. Apple Safari provides an option to block all website cookies, allow cookies only from visited websites or allow all cookies. Beginning with OS X 10.8 Mountain Lion, Safari provides an option to deny website from accessing location services, prompting once each day or prompting once only. Apple Safari provides a "Do Not Track" option for compliant websites. Further privacy and security features and functions are provided via third party Safari extensions.

Apple Keychain allows users to save passwords and textual data encrypted in protected keychains. Apple Safari allows users to save usernames and passwords to visited websites.

For applications that a user may download from an unknown source Apple OS X 10.7 Lion offers file quarantine with malware detection to prevent code execution and determine if the file is a known threat.

In order to avoid the potential for users accidentally downloading and installing malicious software Apple introduced the Mac App Store in Mac OS X 10.7 Lion to provide a curated application (cursory review) purchasing experience with signed code. Apple extends the Mac App Store in OS X 10.8 Mountain Lion by introducing Gatekeeper which is an option to prevent installation of apps not from the Mac App Store and non-signed code.

In the unlikely event that an application is able to execute malicious code, Apple provides Address Space Layout Randomization (ASLR) including heap, stack, and dynamic linker which randomly arranges the positions of key data areas by obscuring memory addresses. Address Space Layout Randomization is valuable because attempting to inject code into an incorrect memory address will cause errors in the malicious code.

Apple OS X 10.7 Lion provides disk encryption for the entire disk (rather than only users' home folders) at the block level using XTS-AES 128 encryption. Encryption of external USB and FireWire drives is supported. Apple enables the administrator to designate a number of user accounts authorized to decrypt the system disk. A recovery key as well as Instant Wipe which removes the encryption key from your Mac instantaneously, making the data completely inaccessible are provided. Once the encryption key is erased, the Mac performs an entire wipe of the data from the disk.

If all else fails, Apple provides a Recovery Partition which was introduced in Mac OS X 10.7 Lion to allow users to easily restore their computer. Apple Time Machine provides an intuitive user interface for backup so users can restore corrupted data from a storage device. Apple Time Capsule integrates with Time Machine very well although third party solutions are also supported.

Apple provides a Secure Guest Account (an account that the system erases and resets at logout) for allowance of temporary use by authorized persons.

Apple OS X 10.8 Mountain Lion introduces Application level Privacy settings including Location Services to avoid unauthorized disclosure of personal information to legitimate applications which may not require invasive disclosure of personal information.

Apple provides extremely robust Parental Controls, allowing parents to; limit usage per day, limit which hours used per day, limit websites, limit applications and more.
Edited by MacBook Pro - 6/26/12 at 3:59am
post #18 of 32
Good step in the right direction, now of they could only speed up the release time of the security updates that'd be something! What is it, 4-6 weeks on average after a security hole has been reported in the news before Apple tends to plug it?
iPad, Macbook Pro, iPhone, heck I even have iLife! :-)
Reply
iPad, Macbook Pro, iPhone, heck I even have iLife! :-)
Reply
post #19 of 32
Quote:
Originally Posted by saarek View Post

Good step in the right direction, now of they could only speed up the release time of the security updates that'd be something! What is it, 4-6 weeks on average after a security hole has been reported in the news before Apple tends to plug it?

Yet, Apple OS X 10.7 Lion is still the most most secure commercial operating system in widespread use.
post #20 of 32

The comment that noted the download size is right on. Many users are on Cell networks or satellite with limited monthly bandwidth. Users need to know the size before doing the install process. Many users have turned off the download in background feature since it will make them go over limit without knowing until to late.

post #21 of 32

My employer's policies require that we only install software from an internal source.  I have an Apple Update server running which meets our requirments.

 

So will Apples new update architecture support the existing Software Update Server infrastructure, or did our friends in Cupertino blow us up?

post #22 of 32
Quote:
Originally Posted by MacBook Pro View Post


Yet, Apple OS X 10.7 Lion is still the most most secure commercial operating system in widespread use.


Really?!?

 

So that 600,000 strong Mac botnet was nothing to worry about.

 

There is much ridicule of MS and Windows users here, but as a percentage of computers the Flashback attack spread farther and wider than any Windows virus/worm/trojan in history.

 

Mac users have been complacent for too long. Apple has been complacent for too long.

 

 

All operating system patches are a double edged sword. In an effort to get updates out quickly mistakes will be made. Even when updates are done slowly and deliberately they can contain serious bugs and break 3rd party software. Firefox 13.0 is just the most recent high profile example of automatic updates pushing buggy software to millions of users, but I remember official updates from Microsoft and Apple that rendered machines virtually unusable.

 

So do you ignore the update and risk whatever the update addresses or do you install the update and find it prevents you from doing your job?

The choice isn't always clear.

post #23 of 32
Quote:
Originally Posted by Bregalad View Post

So that 600,000 strong Mac botnet was nothing to worry about.

When you make up numbers, anything is 'worrisome'.
Quote:
Mac users have been complacent for too long. Apple has been complacent for too long.

And I'm sure they're sorry for allowing Java to even be installed in OS X.

Originally Posted by helia

I can break your arm if I apply enough force, but in normal handshaking this won't happen ever.
Reply

Originally Posted by helia

I can break your arm if I apply enough force, but in normal handshaking this won't happen ever.
Reply
post #24 of 32
Only 11.2% of users affected by the Flashback trojan were using Mac OS X 10.7 Lion with 28% of those users having not applied at least one update. In other words, we are talking about approximately 67,200 users of which 18, 816 had not applied at least one update. Therefore, the number of impacted users with updated systems (important since this story is regarding automatic security updates) on Mac OS X 10.7 Lion was 48,384 or approximately 0.0008% of all Mac users.

Furthermore, the comparison of a single instance of malicious software impacting users versus a plethora of malicious software impacting users is ridiculous.

As far as infected hosts as a percentage of possible hosts (which is a dubious claim at best) there has been malware which has been more prevalent and certainly many more damaging:

Melissa Virus
ILOVEYOU worm which, incidentally, caused $10 billion in damages
Code Red and Code Red II
Nimda virus
SQL Slammer (aka Sapphire) which, incidentally, caused $1 billion in damages
Michelangelo virus
Sasser virus
Sobig
MyDoom


Further notable, Java Runtime (OpenJDK Project for Java on Mac OS X updates available from Oracle) and Adobe Flash (updates available from Adobe) are no longer bundled applications beginning with Mac OS X 10.7 Lion. The removal of Adobe Flash and Java Runtime remove a large number of potential exploits.
Edited by MacBook Pro - 6/26/12 at 2:10pm
post #25 of 32
Note to self: Exploit automatic security update vulnerability in Mac OS Mountain Lion. Create security update to take information. End
post #26 of 32
Quote:
Originally Posted by Tallest Skil View Post


Connie, I'm not sure what world you live in or in what world you think we live, but…

 

 

The one where capturing screenshots "Just Works" is where I am.

post #27 of 32
Quote:
Originally Posted by GTR View Post

 

I'd hate to be the bearer of bad tidings, but you just went and posted something silly.

 

Sarcasm: It's not for everybody.

 

Time to switch to a different username again to avoid embarrassment?

 

No embarrassment whatsoever.    I was just pointing out that accomplishing the task is simple with the right tools.

post #28 of 32
Quote:
Originally Posted by JerrySwitched26 View Post

 

No embarrassment whatsoever.    I was just pointing out that accomplishing the task is simple with the right tools.

 

Oh don't worry, we suspected that.

 

You'd have to be aware of what you did before feeling embarrassment and this obviously isn't the case here.

 

Please try and stay aware from any dangerous machinery for the rest of your life.

"That’s brilliant. I can see this annoying some people, but what doesn’t these days?" - PMZ
Reply
"That’s brilliant. I can see this annoying some people, but what doesn’t these days?" - PMZ
Reply
post #29 of 32
Quote:
Originally Posted by JerrySwitched26 View Post

The one where capturing screenshots "Just Works" is where I am.

Sorry, Zazzles. If you are forced to open an application to access a screenshot, you're doing it wrong.

Originally Posted by helia

I can break your arm if I apply enough force, but in normal handshaking this won't happen ever.
Reply

Originally Posted by helia

I can break your arm if I apply enough force, but in normal handshaking this won't happen ever.
Reply
post #30 of 32
So when can we UNDO updates!? Can Mountain Lion do this? Something many have been asking for since, well, 10.0. Something that would rank higher on corporate requirements to start rolling OS X out for business users than almost any other feature Apple has made since 10.0 except the other security and system stability improvements. "oh just reinstall" doesn't fly in the business world. updates should be as easy to roll back as one click. Like on Windows. :/
"Overpopulation and climate change are serious shit." Gilsch
"I was really curious how they had managed such fine granularity of alienation." addabox
Reply
"Overpopulation and climate change are serious shit." Gilsch
"I was really curious how they had managed such fine granularity of alienation." addabox
Reply
post #31 of 32
Quote:
Originally Posted by Aquatic View Post

So when can we UNDO updates!? Can Mountain Lion do this?

Not in the slightest. 😠

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #32 of 32

OS X updates aren't typically destructive towards existing 3rd party software. Or am I missing something?

 

Overall, I'm pleased at this value adding feature. Beats the hell out of any Windows A/V software. Then again, they have a much larger whale to fry.

[this account has been abandoned]

Reply

[this account has been abandoned]

Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Mac OS X
AppleInsider › Forums › Software › Mac OS X › Apple's Mountain Lion to offer automatic security updates