magmatic.com - Squawk Box

MAAS History

Reports: Apple Plans To Ship New Device in March

Monday, January 4, 2010 at 06:11PM

Apple is planning to ship a new device in March. Although it has not been confirmed many reports are speculating that it is the long awaited iTablet device. It is unclear if it will run a version of the iPhone OS, Mac OSX Snow Leopard or a hybrid.

Snow Leopard incorporates may UI improvements which some have speculated was to accommodate multi-touch input technology. If you check your System Preferences you will notice that Keyboard now has it's own perference and users can select to display it on screen from this panel (Fig. 1). It is interesting that this is far easier to access compared to the Universal Access Preference in Leopard which can display the keyboard on screen as well.

Fig. 1 Snow Leopard Keyboard

Similar to the iPhone 3GS the screen may have an oleophobic finger-resistant coating depending on what the final device ships with. It is also unclear of the final size but think the AirBook Screen in terms of size. One draw back may be the use of the AirBook's pop-out USB ports which I find to be very delicate. It is always interesting the way in which Apple makes a device that is sturdy, slim and sexy. All qualities which make the iPhone a great device while the AirBook remains an experimental platform.

drStrangeP0rk |

Post a Comment |

Announcements,

Apple

Sunday

Dec202009

Mail Service Update 1.0 for Snow Leopard Server v10.6.2

Sunday, December 20, 2009 at 09:55PM

Apple has released an update to the Mail Service in Snow Leopard Server 10.6.2. This update addresses performance and reliability issues. Mail Service memory handling has been improved and overall allocation has been reduced. One issue that can be a major headache for administrators is an interruption in Directory Services, Mail Service is able to recover from these interruptions in a far more efficient manner and without the need for administrators intervention once Directory Services return.

drStrangeP0rk |

Post a Comment |

1 Reference |

Apple,

Mac OSX 10.6,

Server,

Updates

Wednesday

Dec162009

Firefox 3.5.6 Update Released

Wednesday, December 16, 2009 at 09:33AM

Mozilla has released Firefox which address several security flaws, three of which are critical. Two are related to specific media, there was an integer overflow crash flaw in the libheora video library. They also fixed liboggplay media library, it now implements memory safe calls. Memory corruption was causing a crash of the application leaving a finger print within memory. It was possible to execute malicious code.

Other fixes includes the following:

MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects
MFSA 2009-70 Privilege escalation via chrome window.opener
MFSA 2009-69 Location bar spoofing vulnerabilities
MFSA 2009-68 NTLM reflection vulnerability
MFSA 2009-67 Integer overflow, crash in libtheora video library
MFSA 2009-66 Memory safety fixes in liboggplay media library
MFSA 2009-65 Crashes with evidence of memory corruption (rv:1.9.1.6/ 1.9.0.16)

drStrangeP0rk |

Post a Comment |

2 References |

Firefox,

Firefox Updates,

Updates

Monday

Dec142009

New Acrobat 9.2 and Acrobat Reader Vulnerability in the Wild

Monday, December 14, 2009 at 08:42PM

There are reports that an vulnerability is being exploited in the wild that affects Acrobat 9.2 and Acrobat Reader. It appears that it has been reported by three different security companies to Adobe today. Users should disable Java Script in Acrobat and only open trusted files. Acrobat files from public sources should not be opened on a Mac while using root or administrator privileged account. Users should use Preview.app to open, view and print PDF files.

Update on Tuesday, December 15, 2009 at 01:40PM by

drStrangeP0rk

Symantec has named it Trojan.Pidief.H which drops and then executes the following on Windows Machines. It would seem that it is a malicious executable named AdobeUpdate.exe.

%Temp%\AdobeUpdate.exe

It can install an infostealer from the following domain http://foruminspace.com/documents/dprk/ab.[*] call ab.exe. It apears that the exploit is targeting the Windows platform at this time but this can change. Users should block foruminspace.com, disable Java Script and set Preview.app as the default reader of PDF files.

From http://www.robtex.com/

robtex foruminspace.com

Update on Wednesday, December 16, 2009 at 09:25AM by

drStrangeP0rk

Adobe has posted instructions on how to disable JavaScript in Acrobat and Reader.

http://www.adobe.com/support/security/advisories/apsa09-07.html

Update on Thursday, January 7, 2010 at 11:03PM by

drStrangeP0rk

Update is expected to be released 1/12/2010 to address CVE-2009-4324.

http://blogs.adobe.com/psirt/2010/01/pre-notification_-_quarterly_s_1.html

Update on Tuesday, January 12, 2010 at 09:38PM by

drStrangeP0rk

Adobe has released and update to Acrobat Reader and Acrobat.

http://blogs.adobe.com/psirt/2010/01/security_update_released_for_a.html

drStrangeP0rk |

Post a Comment |

3 References |

Acrobat Exploits,

Adobe,

Vulnerability,

Wild,

Zero Day

Wednesday

Dec092009

Adobe Flash Player Update 10.0.42.34 and Adobe Air 1.5.3

Wednesday, December 9, 2009 at 07:58AM

Adobe has updated the Flash Player and Adobe Air to address several bug fixes, six of which can be exploited and lead to the execution of malicious code. Some of the serious issues relate to the parsing of JPEG(s), memory corruption, data injection, integer overflow and crash execution/DOS. Users should apply the Adobe Flash Player and Adobe Air Updates to all systems. (Flash should not be enabled on servers.)

Check your version of Flash

http://www.adobe.com/software/flash/about/

Flash Settings (Note check for update happens at least every seven days.)

http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html

Downloads

http://get.adobe.com/flashplayer/otherversions/

http://get.adobe.com/air/otherversions/

drStrangeP0rk |

Post a Comment |

1 Reference |

Adobe,

Air,