Security Update 2007-004 released: Vulnerabilities in AFP, AirPort, Help Viewer, SMB, WebDAV and more plugged

[Published Friday, April 20th]

Apple has released Security Update 2007-004, eliminating potential vulnerabilities in a broad set of Mac OS X components.

Briefly, the update touches the following system parts:

• AFP Client
• AirPort
• CarbonCore
• diskdev_cmds
• fetchmail
• ftpd
• gnutar
• Help Viewer
• HID Family
• Installer
• Kerberos
• Libinfo
• Login Window
• network_cmds
• SMB
• System Configuration
• URLMount
• Video Conference
• WebDAV

The new release is available through Software Update, or via the following download links:

• Security Update 2007-004 (Mac OS X 10.3.9 Server) [54.1MB]
• Security Update 2007-004 (Mac OS X 10.3.9 Client) [37.6MB]
• Security Update 2007-004 (Mac OS X 10.4.x PowerPC) [9.3MB]
• Security Update 2007-004 (Mac OS X 10.4.x Intel) [16.1MB]

Problems after installing the update? Please let us know.

Update procedure recommendation

First, if desired, make a full backup of your current Mac OS X installation -- preferably a clone ( try SuperDuper! or Carbon Copy Cloner). If something goes wrong, or you experience a major incompatibility after updating, the backup will prove invaluable.

Next, if you are the cautious type, run a disk repair on the volume targeted for installation. You can use an n alternative startup drive or your Mac OS X installation disc. If you are starting up from your Mac OS X install disc, put the disc in your optical drive and restart holding down the "C" key. After your system starts up and you've selected your language, go to the Utilities menu and select Disk Utility. Use the Repair Disk function. After disk repairs are complete, restart from your normal startup drive and continue.

Before installing the update, make sure all Apple-installed applications and utilities are in their original locations. Moving one of these applications to a different location on your hard drive can lead to an incomplete update. Also, disconnect any FireWire/USB devices before applying the update (except for your startup drive, if it is FireWire or USB, and your keyboard/mouse), then reconnect the devices one by one (checking for issues created by any particular device) after the update process is complete and the system has restarted.

While the update is being installed quit all open applications and avoid performing any other operations (in Mac OS X or third-party applications). Performing other tasks during the update process potentiates various issues, including problems with prebinding (which is happening during the "Optimizing the system" phase of the update process) and others that can occur when files are being replaced by the update are also being read/written by the currently logged in user. You should not only refrain from launching applications or working with files during the update process, but also from putting the system to sleep, disconnecting/connecting devices, and other potentially interruptive actions.

Note that the first restart after applying the update may be abnormally long. Subsequent restarts should take place at normal speed.

Feedback? Late-breakers@macfixit.com.

Resources