MAAS History
Archives
Friday, Aug 21, 2009

Update of Apple Remote Desktop Client and Admin Released

Apple has released updates to Apple Remote Desktop Client and Admin with various improvements to control and security. It is recommended that you update the administration computers first, then the clients, but we have not seen any compatibility issues in mixed environments (updated and non-updated clients). This update does not require a reboot.

Improvements Directly from HT3301

  • Improves support for accessing client computers and task servers behind NAT (Network Address Translation) routers.
  • Includes Task Server and Directory Server scanners, for finding client computers known by your task server and clients in computer groups on a directory server.
  • New "Reporting" tab in client computer Info window, to set a single reporting policy for the client computer, shared by all Remote Desktop administrator computers.
  • New "Administrators" tab in client computer Info window, to display and control which admin computers and task servers are associated with each client computer.
  • Client settings configurable by Managed Preferences in Workgroup Manager.
  • Support for finding and adding client computers via wide-area Bonjour.
  • Resolves an issue using Lock Screen or Curtain mode on a client computer that's at the login window.
  • Improves stability when running Remote Desktop Admin on a Task Server.
  • Resolves an issue that could cause build_hd_index files to become very large.
  • Improves compatibility with the Application Firewall.
  • Change Client Settings task now works when the Remote Desktop administrator has an Active Directory account.
  • Improves client stability when Sharing Screen.
  • Scheduled UNIX Commands stay scheduled.
  • When controlling a remote client, function keys and key combinations for actions such as Force Quit, Log Out, and the Application Switcher are now all sent to the remote computer.
  • Improves screen sharing performance with RealVNC.
  • Improves performance of encrypted file copies.
  • Improves performance of encrypted screen sharing connections


Wednesday, Aug 12, 2009

Apple Security Update Fixes BIND Update Triggered Assertion Flaw

Apple has released a security update for Mac OS X and Mac OS X Server that fixes a logic issue in the handling of dynamic DNS update messages. The flaw allowed an assertion to be triggered by a maliciously crafted update message, disrupting the BIND service. All master servers of zones could be exploited in this manner, whether or not they accepted updates. The update is available via Software Update or via http://support.apple.com/downloads/ and it is recommended that it be installed right away.

Tuesday, Aug 11, 2009

Microsoft Updates Office Mac 12.2.1 and MS Remote Desktop

If you work within a mixed environment, note that Microsoft has released an update for its Remote Desktop client for Mac addressing heap overflows. Users should make sure to download the latest update and work with MS system administrators; this patch is labeled critical by Microsoft.

They have also released Mac Office fixes related to Open XML, including macro-enabled documents and templates. Users may have encountered a message in Excel that it is unable to open files. Improvements have been made to address compatibility issues. Users should use the auto-update feature of Mac Office or can download the update here:

http://www.microsoft.com/downloads/details.aspx?FamilyID=9730452b-e6ad-4330-93e4-57f66293bf1c&displaylang=en

Tuesday, Aug 11, 2009

Safari Update 4.0.3

Apple has released version 4.0.3 of the Safari web browser for the Mac and Windows platforms. Several WebKit issues have been addressed. A buffer overflow in WebKit's parsing of floating point numbers could be exploited by an attacker, leading to DoS or arbitrary code execution. WebKit also allowed the pluginspage attribute of the embed element to reference file URLs from Safari. A redirect to the URL listed in the attribute could allow an attacker to launch or open files. WebKit now restricts pluginspage URLs to http or https. WebKit's IDN support and embedded Unicode could be exploited to create a look-alike URL, so that the spoofed address appears to be the legitimate domain. WebKit's list of known look-alike characters has been supplemented, mitigating this exploit.
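The http/https restriction on pluginspage described above, sketched as an added example (not WebKit's code and not code from this post). The function names, hosts and sample values are constructed for illustration; the check is made on the resolved URL rather than on a string prefix, because relative values inherit the page's scheme and the URL parser strips leading whitespace.

```javascript
// Added example: allowlist check for an <embed pluginspage="..."> value.
const ALLOWED_SCHEMES = new Set(["http:", "https:"]);

// Resolve the attribute the way a browser would (relative to the page URL),
// then decide on the *resolved* scheme. Returns the normalized URL, or null
// when the value must not be followed.
function resolvePluginsPage(rawValue, pageUrl) {
  if (typeof rawValue !== "string" || rawValue.trim() === "") return null;
  let resolved;
  try {
    resolved = new URL(rawValue, pageUrl);
  } catch (err) {
    return null; // unparseable values are dropped, never passed through
  }
  return ALLOWED_SCHEMES.has(resolved.protocol) ? resolved.href : null;
}

// Constructed sample inputs: [pluginspage value, URL of the embedding page].
const SAMPLES = [
  ["HTTPS://Example.com/plugin", "http://site.example/page"],
  ["/plugins/get.html", "https://site.example/a/b"],
  ["//cdn.example/p", "https://site.example/a/b"],
  ["file:///Applications/Calculator.app", "http://site.example/page"],
  ["  \tfile:///etc/hosts", "http://site.example/page"], // padded scheme
  ["plugin.html", "file:///Users/x/page.html"],          // inherits file:
  ["javascript:void(0)", "http://site.example/page"],
];

// Run the check over every sample and report the decision for each.
function auditSamples() {
  return SAMPLES.map(([value, page]) => ({
    value,
    page,
    allowed: resolvePluginsPage(value, page),
  }));
}

for (const row of auditSamples()) {
  console.log(JSON.stringify(row.value), "->", row.allowed ?? "blocked");
}
```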

Apple introduced the Top Sites feature in Safari 4, and it was possible for malicious sites to promote themselves in it using automated actions. The Top Sites feature could be used to create a phishing attack or enhanced spoofing. Safari Update 4.0.3 ensures that sites cannot access or alter the Top Sites list.

Wednesday, Aug 05, 2009

Mac OSX 10.5.8 Security Update

Apple addresses various CVE-IDs in updates for Mac OS X Server and clients. These updates should be applied to all systems; the update does require a reboot.

Within bzip2, an out-of-bounds memory access fault exists which can lead to a crash caused by a maliciously crafted compressed file. bzip2 is updated to version 1.0.5.

CFNetwork will now return the correct address when Safari encounters a 302 redirect. Previously, the certificate warning would include the original site's URL instead of the current URL, so an attacker could control the website URL displayed in a certificate warning.

A maliciously crafted ColorSync profile within an image could allow an attacker to terminate the application or execute code. This was caused by a heap buffer overflow in the handling of images embedded with ColorSync profiles. The validation of these profiles has been expanded and improved. 

Various content types have been added to the system's list of unsafe content. This includes various JavaScript code in Safari. Additionally, four-finger Multi-Touch gestures can no longer be used to invoke Exposé when the screen saver is running.

A stack buffer overflow in the handling of Canon RAW images has been fixed using improved bounds checking. ImageIO's handling of OpenEXR images was fixed by updating OpenEXR to version 1.6.1. ImageIO also has improved bounds checking and validation, which addresses issues related to specially crafted PNG images that attackers could use.

Improvements have been made to fcntl system calls to prevent the overwriting of kernel memory, which allowed attackers to run code with system privileges. launchd error handling has been improved to prevent DoS issues when opening many connections.

Login Window and Networking issues have been addressed, including format string issues and a maliciously crafted AppleTalk response packet. Also in Networking, the synchronization of a message file descriptor to a socket with no receiver, which caused the system to shut down, has been patched.

Improvements have been made to XQuery and MobileMe. MobileMe will now delete all credentials when signing out of the Preference Pane. (For developers, it is recommended to explore ADC's better authorization example.) XQuery handling of Unicode code points greater than 255 is now fixed, and Perl Compatible Regular Expressions (PCRE) has been updated to version 7.6.