What's New - Feb 21, 2007
By: Richard Glaser - Revised: 2007-03-21 rebecca
Introduction
What's new for the Mac in the previous month:
- General issues, workarounds and fixes
- New Software and hardware
- Software and hardware updates/patches
Apple News
- What: World Wide Developer's Conference 2007 is June 11-15
- Where: San Francisco, CA
- Ticket Prices:
- Early Registration prices start at $1295
- Special: Buy 4, get 1 free for $5180
- Early Registration with Membership prices range from $1695 to $3500
- No clear agenda set, but rumor sites say Leopard may precede WWDC
New Apple Hardware
- iPod Shuffle
- Weighs half an ounce, half a cubic inch in volume
- "Most wearable iPod ever" -- Steve Jobs
- 1GB flash/12 hours playback/128Kbps AAC encoding
- No Educational Discount on iPods
Security Updates
- What: Security Update 2007-002
- When: Released 13 Feb 2007
- For: Finder, iChat, & UserNotification
- Affected Versions: v10.3.9 & v10.4.8 Universal or PPC for both Mac OS X & Mac OS X Server
- Issues:
- "Finder 10.4.6 on Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long volume name in a DMG disk image, which results in memory corruption."
- "The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614."
- "Format string vulnerability in Apple iChat 3.1.6 allows remote attackers to cause a denial of service (null pointer dereference and application crash) and possibly execute arbitrary code via format string specifiers in an aim:// URI."
- "The CFUserNotificationSendRequest function in UserNotificationCenter.app in Apple Mac OS X 10.4.8, when used in combination with diskutil, allows local users to gain privileges via a malicious InputManager in Library/InputManagers in a user's home directory, which is executed when Cocoa applications attempt to notify the user."
Notable Apple Updates
- WWAN Support Update 1.0
- When: Released 19 Feb 2007
- For: Specific Novatel WWAN products
- Affected Versions: Intel-based Mac Portable systems using Mac OS X 10.4.8 and later
- Why: Because blah, blah, blah.
- iTunes v7.0.2 Repair Tool
- When: Released 1 Feb 2007
- For: Windows Vista 1.0 users who use iTunes
- Why: Permissions are repaired on files that allow iTune Store purchases to be played
- AirPort Extreme Firmware Update (part of 2007-001)
- When: Released 25 Jan 2007
- For: AirPort Extreme Base Station firmware
- Affected Versions: v10.4.8 for both Mac OS X & Mac OS X Server
- Issue: An attacker in local proximity could cause a denial of service and/or other security-related impact via a maliciously-crafted frame
- source: http://cve.mitre.org CVE entry # 2006-6292
- GeForce 7300 GT Firmware Update
- When: Released 5 Feb 2007
- For: NVIDIA GeForce 7300 GT PCI graphics cards in Mac Pro computers
- Affected Versions: v10.4.7 and later for both Mac OS X & Mac OS X Server
- Why: To allow one 23" and one 30" Apple Cinema Display to be simultaneously connected to your Mac Pro
- Fibre Channel Utility 2.1.4
- When: Released 13 Feb 2007
- For: Macs with Apple Fibre Channel PCI Cards including those with Apple Dual- and Quad Channel 4Gb Fibre Channel Cards
- Affects Macs Using: Mac OS X 10.3 and 10.4 to 10.4.7
- Provides the ability to configure the Apple Fibre Channel PCI Cards
- Must be used with Fibre Channel Utilt 0.1 or 1.0.3
- Java for Mac OS X 10.3 & 10.4 Release 5
- When: Released 15 Feb 2007
- For Both: Adds support for the Daylight Savings Time and time zone information as of 1-8-07
- For Mac OS X 10.4: Improves reliability and compatibility for Java 2 Platform Standard Edition 5.0 and Java 1.4
- For Mac OS 10.3: Addresses a problem where some Java apps fail to launch
- WebObjects 5.3.3
- When: Released 15 Feb 2007
- Updates WebObjects systems to observe the Daylight Savings Time and 2007 time zone changes as of 1-8-2007
- Final Cut Pro 5.1.3
- When: Released 15 Feb 2007
- Important bug fixes for Final Cut Pro versions 5.1, 5.1.1, & 5.1.2 -- the update is recommended for these versions
- Fixes include: Render file compatibility, resolved keyboard layout issues, and resolved issues with cross dissolves in nested sequences
- 38-page PDF of corrections w/1 page of corrections of the documentation
Notable Third Party Updates
- Microsoft Office 2004 11.3.4 Update
- Fixes vulnerabitlities in all Office 2004 applications that an attacker can use to overwrite the contents of your computer's memory with malicious code
- Provides a Junk email filter for Entourage 2004 with a more current definition of which email messages are considered junk email
- Cyberduck 2.7.3
- Nine Bug Fixes including:
- PASV parsing from some servers, stalling when connection is interrupted, improved sorting and renaming of files, preference to save spring-loaded folders and open a new browser upon launch
- Clear command in History menu
- Preference to exclude files from transfers using Regular Expression
- Freeware
- TextMate 1.5.4
- Added a log function to scripting objects so messages can be logged to the system console
- JavaScript exceptions from local pages are written to the system console
- Fixed problem of saving a file when TextMate loses focus
- Added ERBs to Ruby bundle
- ERB is an implementation of eRuby (embedded ruby)
- Fixed running shell commands from the HTML output window -- the environment variables are now the same as for the command which created the output
- Shareware: approximately $51
- File Buddy 9.0
- Fixed problem on Intel Macs where admin mode was not persistent between launches
- Shareware: $39.95/Free if upgrading from v8.0/$19.95 if upgrading from v7.0
- Data Rescue II 1.1.1
- Contains changes to facilitate localization to other languages
- Minor fixes, improvements and other changes to increase program robustness
- Support for booting new machines
- $99 Client version, $249 for Unlimited IT Licenses, $349 for unlimited licenses of all Windows & Mac versions, $65 for upgrades
- Intermapper 4.5.5
- Added support for Inscape Data Corp's Long Range Wireless and Video Security Devices
- Improved error reporting when entering serial numbers
- Educational Pricing: ranges from $395 to $5995
- EasyWMA 2.7.2
- Fixed compatibility issues with Mac OS X v. 10.2
- Updated to use ffmpeg SVN-r7817
- $10
- Colloquy 2.1.3574
- Fixed a crash when someone sends a bad DCC request
- Fixed member list sorting when a member has multiple modes
- Allows sending commands in the console while connecting
- Allows a user to enable/disable all notifications on a per-room basis
- Update to the latest libtransmission code for DCC NAT transversal
- Open Source: Donations are appreciated, but not required
- Drive Genius 1.5.3
- New boot CD built with Mac OS X 10.4.8
- $99 new or $10 if upgrading from v1.5
- Parallels Desktop 2.5 Build 3170.0 (beta)
- Enhancements in this version include: Windows XP to Windows Vista upgrade support; Plug and play support for USB devices at full native speed; Full-featured virtual CD/DVD drive; "Coherence," a feature that allows you to run Windows applications without having to see Windows; Better BootCamp support; New keyboard remapping configuration; True "Drag and Drop" functionality; "Leopard" ready
- Educational Pricing through OSL for $50 (including maintenance); Upgrade Price, email Parallels support
Issues
- [6 Feb]: Jobs posts his 'Thoughts on Music'
- [14 Feb]: Some third-party USB Bluetooth adaptors when used with wireless keyboards or mice will not wake Macs from sleep
- Apple's answer to this issue is to push the power button once. If you see an alert asking if you'd like to restart, sleep, shutdown or cancel, click Cancel.
Humor
Upcoming Events
- Web 2.0 Expo
- Who should attend: Technical, design, marketing, and business professionals
- Where: Moscone West, San Francisco