Following the recent iOS 5.1.1 software update last Tuesday, Apple issues a number of security update for OS X 10.6 Snow Leopard and OS X 10.7 Lion. To complete their round of software updates, the company rolled out the new Remote Desktop 3.5.3 Client, Server Admin Tools 10.7.4, and Client and Server Security Update 2012-2002 for Snow Leopard last May 9.
Apple Remote Desktop 3.5.3 Client
The company’s new remote desktop client is designed to fix the software’s vague “reliability, usability and compatibility.” It is already included in the OS X Lion, although Snow Leopard users can also get this software as a standalone update.
Last week, Apple seeded a beta build of the Remote Desktop 3.6 to developers. Labeled as Build 360A16, it will be available for Macs running on the upcoming Mac OS X 10.8 Mountain Lion. The developer preview provides fixes on screen control issues with NVIDIA graphics card and OS X Mountain Lion. It also brings in reliability improvements when copying a duplicate item to and from a client.
A couple of tasks such as “copy to computer,” “create client installer,” “upgrade client” and “chat” are now functional in the new remote desktop client. In addition, it supports IPv6 protocol, allowing users to add computers using an IPv6 address when conducting a Get Info on the computer.
Snow Leopard Security Update
Now available for download via Software Update, the security update 2012-002 for Snow Leopard and Snow Leopard Server brings minor improvements to the operating system. Some of the vulnerabilities of the last-generation OS were listed on Apple’s HT5281 file. While many of the patches are applicable for both OS X 10.6 and OS X 10.7, either software has its own set of vulnerabilities.
For instance, FileVault password logging fault is only present in OS X Lion. This is a kernel-handling issue that occurs when a sleep image used for hibernation left some unencrypted data on disk. This is addressed through an improved handling of the sleep image and by overwriting it when updating to OS X 10.7.4.
On the other hand, the OS X 10.6.8 has multiple ImageIO vulnerabilities. This includes buffer overflow in the features handling of CCITT Group 4 encoded TIFF files, as well as in the ThunderScan encoded TIFF images. Various “libpng” vulnerabilities were also found in the Snow Leopard, the serious of which may lead to information disclosure. These issues were addressed in the Software Update 2012-002.
With the number of vulnerabilities that the previous OS have, a software update can help users address these issues. Hence, the Remote Desktop 3.5.3 Client and Snow Leopard Security Update are necessary patches that they should have.