October 31, 2014

Apple Releases First OS X 10.5 Update For Nearly a Year – But Doesn’t Patch Any Known Vulnerabilities

(LiveHacking.Com) – Apple have made the interesting move of releasing a security update for OS X 10.5 Leopard which doesn’t actually patch any known vulnerabilities. Instead the update for the oldest of the OS X versions that runs on Intel Macs disables out-of-date versions of Adobe Flash Player.

Leopard Security Update 2012-003 disables Adobe Flash Player if it is older than 10.1.102.64. It does this by moving its files to a new directory. If the update disables Flash Player the user is presented with the option to install an updated version of from the Adobe website. Apple disabled Flash Player older than 10.1.102.64 on OS X Snow Leopard and OS X Lion a few days ago.

Apple have also released a version of the Flashback malware removal tool designed for Leopard. Apple released the same tool for Snow Leopard and Lion almost a month ago. According to the advisory: “This update runs a malware removal tool that will remove the most common variants of the Flashback malware. If the Flashback malware is found, it presents a dialog notifying the user that malware was removed. There is no indication to the user if malware is not found.”

Leopard has been left languishing without any updates from Apple for nearly a year. The last application update was for iTunes in November 2011, while the last operating system level update was in June of the same year.

There are of course still users of OS X 10.4 and OS X 10.5 for the PowerPC which it seems Apple has completely abandoned.

Security Updates for Safari

Apple has released versions 5.0.3 and 4.1.3 of its Internet browser Safari. The updates address several security vulnerabilities in the WebKit-based browser. The Safari updates fix more than 25 security holes in the browser’s open source WebKit rendering engine, most of them rated as critical.

Safari 5.0.3 & Safari 5.0.3 Windows update highlights:

  • More accurate Top Hit results in the Address Field
  • More accurate results in Top Sites
  • Fixes an issue that could cause content delivered with the Flash 10.1 plug-in to overlap web page content
  • More reliable pop-up blocking
  • Fixes an issue that affected playback of some videos shot or edited to include rotations and flips
  • Improved stability when typing into search and text input fields on www.netflix.com and www.facebook.com
  • Improved stability when using JavaScript-intensive extensions
  • Improved stability when using VoiceOver with Safari
[ad code=6 align=left]

For detailed information on the security content of this update, please visit this site:http://support.apple.com/kb/HT1222

Safari 5.0.3 is available to download for Mac OS X 10.5.8 Leopard, 10.6.2 Snow Leopard and Windows XP SP2 or later. Alternatively, Safari 4.1.3 is provided for users running Mac OS X 10.4.11 Tiger. Mac OS X users can upgrade to the latest release via the built-in Software Update function. All users are advised to upgrade to the latest release as soon as possible.