Apple updates Mountain Lion, patches Safari
OS X 10.8.3 adds Boot Camp support for Windows 8
Computerworld - Apple yesterday updated OS X Mountain Lion for the first time in six months, patching 14 security vulnerabilities and addressing a host of other issues.
Alongside the operating system update, Apple also upgraded the Safari browser to version 6.0.3, fixing 17 security flaws.
OS X 10.8.3 dealt with several non-security flaws, including a pair related to Active Directory, Microsoft's domain authentication technology, and added new features that ranged from Boot Camp support for Windows 8 to letting users redeem app gift cards by holding the card in front of their Mac's built-in camera.
The last time Apple updated OS X Mountain Lion was Sept. 19, 2012, about two months after its debut.
Mountain Lion's new-found support for Boot Camp came five months after Microsoft launched that edition, and was accompanied by a fix that allowed iMacs with 3TB hard drives to run the utility that lets users switch between OS X and Windows. Previously, a bug prevented iMacs with drives that size to run the dual-boot software.
Separate updates were posted to provide the necessary Windows 7 and Windows 8 drivers for Boot Camp.
Other fixes addressed in 10.8.3 included one for a screen problem when the Mac woke from sleep, another for audio stuttering on 2011 Macs, and a third that reportedly improved Mail's reliability when fetching messages from an Exchange server.
On the security side, only four of the 14 Mountain Lion vulnerabilities were accompanied with the phrase "may lead to ... arbitrary code execution," Apple's way of classifying the bug as critical.
One flaw involved Java, the Oracle software that has been plagued by a rash of zero-day disclosures and emergency updates. "Visiting a maliciously crafted website could allow a Java Web Start application to be launched automatically, even if the Java plug-in is disabled," Apple said in its advisory.
Another could be exploited by a rigged PDF document, said Apple.
As often is the case, several of the flaws were in open-source code that Apple includes or integrates with OS X, ranging from the Apache Web server to Ruby on Rails.
Safari, which was updated to 6.0.3 for both Mountain Lion and OS X Lion, received 17 patches, 15 of them in WebKit, the open-source browser engine that powers Apple's browser as well as Google's Chrome. All 15 were rated critical.
Eight of the 15 WebKit bugs were reported by members of Google's security team, seven attributed to Abhishek Arya, better known as "inferno" in the security community.
Apple also patched Macs running Lion and Snow Leopard with Security Update 2013-001. The Snow Leopard update was notable because it arrived a record eight months after the introduction of Mountain Lion, reinforcing the idea that Apple has changed its support policy and will patch "n-2," where "n" is the current edition of OS X.
Traditionally, Apple has dropped support of n-2 upon the launch of n, but the back-to-back releases of Lion and Mountain Lion in 2011 and 2012, and the refusal of Snow Leopard to go away -- in February, it powered nearly 28% of all Macs -- has apparently altered Apple's policy.
OS X 10.8.3 and Security Update 2013-001 are available by selecting "Software Update..." from the Apple menu, or by opening the Mac App Store application and clicking the Update icon at the top right of the screen. The updates can also be downloaded manually from Apple's support site.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His email address is firstname.lastname@example.org.
- Apple sends users scrambling for OS X Yosemite
- Long replacement cycle drags down iPad sales
- Apple unwraps OS X Yosemite public beta Thursday
- Apple grows Mac sales by 18% on the back of the MacBook Air
- Want an Apple watch? Just 3D print one
- What to listen for during Apple's earnings call today
- Mac sales will again outstrip industry average
- Apple, IBM spell out enterprise support for iPhone, iPad
- Timeline: How Apple's iOS gained enterprise cred
- Apple and IBM: A winning combo for IT
Read more about Mac OS X in Computerworld's Mac OS X Topic Center.
- Top 3 Myths about Big Data Security : Debunking common misconceptions about big data security Big data represents massive business possibilities and competitive advantage for organizations that are able to harness and use that information. But how are...
- Magic Quadrant for Data Masking Technology IBM is a leader in Gartner Inc's Magic Quadrant for Data Masking Technology. Read the full report to learn about IBM.
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Why Are Customers Really Deploying an NGFW? It seems every IT Security expert is talking about the NGFW, but what are people really doing? This webcast covers 5 real-world customer... All Mac OS X White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!