Apple Security Update 2006-002 patches Mail, Safari

Jump to First Reply
Posted:
in macOS edited January 2014
Apple this afternoon released Security Update 2006-002, which is recommended for all users and improves the reliability and security of the following components: apache_mod_php, CoreTypes, LaunchServices, Mail, Safari, rsync. Specifically, the update attempts to repair issues where remote web sites can cause JavaScript to bypass the same-origin policy, double-clicking an attachment in Mail may result in arbitrary or malicious code execution, and where viewing a malicious web site may result in arbitrary or malicious code execution.

Comments

  • Reply 1 of 20
    irelandireland Posts: 17,802member
    Safe as houses!!





    I say ha ha to all those PC fools who wont give in and stop playing with dull beige boxes. Here's to the future!
     0Likes 0Dislikes 0Informatives
  • Reply 2 of 20
    1337_5l4xx0r1337_5l4xx0r Posts: 1,558member
    You're not familiar with computer security, are you?! And to suggest that "PC fools" buy their "dull beige boxes" to "play" is a bit extreme, no? I use PCs at school to do a bit more than play, and I'm no fool.



    Mac koolaid drinker zealots give normal mac users a bad name. It's a computing platform, not a religion.
     0Likes 0Dislikes 0Informatives
  • Reply 3 of 20
    aplnubaplnub Posts: 2,606member
    You both need help...



     0Likes 0Dislikes 0Informatives
  • Reply 4 of 20
    irelandireland Posts: 17,802member
    Safety first!
     0Likes 0Dislikes 0Informatives
  • Reply 5 of 20
    gene cleangene clean Posts: 3,481member
    Quote:

    Originally posted by 1337_5L4Xx0R

    You're not familiar with computer security, are you?! And to suggest that "PC fools" buy their "dull beige boxes" to "play" is a bit extreme, no? I use PCs at school to do a bit more than play, and I'm no fool.



    Mac koolaid drinker zealots give normal mac users a bad name. It's a computing platform, not a religion.




    QTF.
     0Likes 0Dislikes 0Informatives
  • Reply 6 of 20
    Does no one else find it disturbing that Safari, unlike most other browsers, falls for the infinite JavaScript loop? Today, I tried setting up a do...while(1==1) loop in JavaScript and loaded the page in Safari. Other browsers (Firefox, etc.) catch on to the fact that the script is taking too long to run and bring up a popup alert to halt it. Safari, though, happily churns away until so many resources are used up the system has to be restarted.



    I'm just about to install this security update - I'll let you know if it 'fixes' the problem.
     0Likes 0Dislikes 0Informatives
  • Reply 7 of 20
    Quote:

    Originally posted by jdbartlett

    I'm just about to install this security update - I'll let you know if it 'fixes' the problem.



    Nope, still crashes. I used a do..while loop like that mentioned in my last post. Only hope is to catch it in time to manually force quit Safari. Leave it too long and you have to restart your whole mac.



    That strikes me as a pretty silly trick for a browser to fall for.
     0Likes 0Dislikes 0Informatives
  • Reply 8 of 20
    One more note, this one relevant to the new update: after installing this update on my powerbook, I found the headphone speaker balance set way over to the left.
     0Likes 0Dislikes 0Informatives
  • Reply 9 of 20
    fuyutsukifuyutsuki Posts: 293member
    Quote:

    Originally posted by jdbartlett

    One more note, this one relevant to the new update: after installing this update on my powerbook, I found the headphone speaker balance set way over to the left.



    I've got the same thing on my PowerBook from updates (or something fairly regular) for years! Left balance ... juh?



    Also, Safari has been so unstable for me since 10.4.2 or so that I've taken to using Camino as my maim browser. Crashes on OS X are something you hope not to see and usually only have to once in a blue moon, but Safari's been bombing out on me (in repeatable fashion) once a day or more.
     0Likes 0Dislikes 0Informatives
  • Reply 10 of 20
    aplnubaplnub Posts: 2,606member
    Quote:

    Originally posted by fuyutsuki

    I've got the same thing on my PowerBook from updates (or something fairly regular) for years! Left balance ... juh?



    Also, Safari has been so unstable for me since 10.4.2 or so that I've taken to using Camino as my maim browser. Crashes on OS X are something you hope not to see and usually only have to once in a blue moon, but Safari's been bombing out on me (in repeatable fashion) once a day or more.




    I have never had a problem with Safari. Maybe you have some other problem that is causing it?
     0Likes 0Dislikes 0Informatives
  • Reply 11 of 20
    What steps have you taken to troubleshoot your Safari issue? I have never had that problem; Safari is pretty much rock solid for me. Yes, it has quit, but no more than once every couple of months.
     0Likes 0Dislikes 0Informatives
  • Reply 12 of 20
    Quote:

    Originally posted by fuyutsuki

    I've got the same thing on my PowerBook from updates (or something fairly regular) for years! Left balance ... juh?



    Also, Safari has been so unstable for me since 10.4.2 or so that I've taken to using Camino as my maim browser. Crashes on OS X are something you hope not to see and usually only have to once in a blue moon, but Safari's been bombing out on me (in repeatable fashion) once a day or more.




    Safari's generally pretty stable for me, I'm using it right now. This is the first time I've noticed anything I've thought an especially big oversight in its development. Camino is an awesome browser, though. I still use Firefox for development because of its DOM inspector.
     0Likes 0Dislikes 0Informatives
  • Reply 13 of 20
    Quote:

    Originally posted by jdbartlett

    Safari's generally pretty stable for me, I'm using it right now. This is the first time I've noticed anything I've thought an especially big oversight in its development. Camino is an awesome browser, though. I still use Firefox for development because of its DOM inspector.



    Turing on Safari's Debug menu might give you what you need. Not a web developer, so I'm only offering this as a suggestion. You can enable the Debug menu by launching Terminal.app and typing:



    defaults write com.apple.safari IncludeDebugMenu 1
     0Likes 0Dislikes 0Informatives
  • Reply 14 of 20
    irelandireland Posts: 17,802member
    Adam from the Maccast podcast on today the 14th March episode, said it does not fix 2 other vulnerabilities in iTunes and Quicktime.



    They will sort them out soon, hopefully!





    Not that don't feel pretty safe already.
     0Likes 0Dislikes 0Informatives
  • Reply 15 of 20
    Quote:

    Originally posted by [alloc init]

    Turing on Safari's Debug menu might give you what you need. Not a web developer, so I'm only offering this as a suggestion. You can enable the Debug menu by launching Terminal.app and typing:



    defaults write com.apple.safari IncludeDebugMenu 1




    Wow, that's pretty cool! Thanks!



    It doesn't have everything I use in Firefox's DOM inspector, but there are a lot of tools in the Debug winow that Firefox either doesn't have or I haven't found. Great!
     0Likes 0Dislikes 0Informatives
  • Reply 16 of 20
    jonnyboyjonnyboy Posts: 525member
    seems to somehow disable the "bevel" display style in growl
     0Likes 0Dislikes 0Informatives
  • Reply 17 of 20
    jeffdmjeffdm Posts: 12,954member
    Quote:

    Originally posted by aplnub

    You both need help...







    I think the point needs to be made is that platform zealotry is stupid.



    re: Safari issue, if you are running plug-ins, uninstall the ones you added and see if that changes things.
     0Likes 0Dislikes 0Informatives
  • Reply 18 of 20
    Quote:

    Originally posted by JeffDM

    re: Safari issue, if you are running plug-ins, uninstall the ones you added and see if that changes things.



    No plugins. Almost a clean install of OS X (about a month old).
     0Likes 0Dislikes 0Informatives
  • Reply 19 of 20
    jeffdmjeffdm Posts: 12,954member
    Quote:

    Originally posted by jdbartlett

    No plugins. Almost a clean install of OS X (about a month old).



    Ouch. If you can find a site that it predictably crashes on, that would be a good thing to pester an Apple tech with, maybe at a Genius Bar if you can get to one.
     0Likes 0Dislikes 0Informatives
  • Reply 20 of 20
    jonnyboyjonnyboy Posts: 525member
    Quote:

    Originally posted by jonnyboy

    seems to somehow disable the "bevel" display style in growl



    now seems to be working again!
     0Likes 0Dislikes 0Informatives
Sign In or Register to comment.