9 Comments

Summary:

Apple managed to sneak a few security updates in at the tail end of December and Security Update 2007-09 adds 41 to the CVE totals for OS X in general, with 31 for 10.4 (Tiger), and only 20 for OS X 10.5 (Leopard). This is in […]

Apple managed to sneak a few security updates in at the tail end of December and Security Update 2007-09 adds 41 to the CVE totals for OS X in general, with 31 for 10.4 (Tiger), and only 20 for OS X 10.5 (Leopard). This is in addition to the Java and QuickTime updates released on December 13, 2007.

Windows users need to pay Apple’s security site a vitit as well if you’re using Safari (all three of you).

Given the unexpeced, end of year, full-on security patch release and the disparity between the number of Leopard security fixes and Tiger security fixes, it looks like it really might be time to bite the bullet and switch if you haven’t already. The miscreants may just be waiting for Leopard to gain further popularity before concentrating efforts, but I suspect that the engineers at Apple did a solid job reviewing and fixing the new operating system before its release (there will always be functional and security bugs in something as large as darwin/OS X) and the new security components should make it even more difficult for attacks to be successful.

I have two workstations converted and have been pleased (mostly) with the results. I was waiting for Parallels to get their act together before migrating my primary workstation and their recent release seems to have squashed the remaining Leopard bugs (I run both VMware and Parallels and VMware was ready to go far earlier). The upcoming long holiday weekend should provide enough down time to make the switch on the rest of the systems, with the security situation providing even more incentive. (Truth be told, I’m also really interested in being able to take advantage of the fully integrated scripting bridge, but more on that in another post).

  1. Eh, I still wish I’d waited. I’ve had enough issues to force me to swear off any future OS upgrades until they reach x.x.5 or later.

    Share
  2. While it’s not a bad idea to wait till the first couple updates come out before switching critical machines over to a new OS, I went ahead and installed leopard on day one on my work machine and have been pleased with the results.

    It has been a pretty smooth ride for me. Parallels has worked fine since day 1 as well by the way. Nonetheless, I welcome the security update (though I wouldn’t say it came at the Tail End of december – still 2 weeks to go in this month).

    Share
  3. How do you run both Parallels and VMware?
    I’m using VMware, is there a way to get Parallels to use VMware’s image?

    Share
  4. My only problem is that seven weeks later, I still don’t have drivers for my Oki Data laser printer. Aaargh!

    Share
  5. No problems for me, all upgrades went smoothly.

    Share
  6. No problems at this moment.
    I’m only waiting for a new driver from HP, for the Scanjet 8270… But it is quite normal, HP does a terrible job, everytime, again and again. I’m getting used to it actually.
    Concerning Apple’s Leopard, I think that is one of the best upgrades ever. I haven’t seen any problem at all. And as a systemadmin of 200 Macs, I think that is quite unusual.

    Share
  7. Thanks for highlighting the security update, which I wasn’t aware of.

    Share
  8. I upgraded on the 28th of October.
    As a developer i was heavily dependend on windows in parallels too.
    It was risky but it worked.
    I still have occassional hazzles though, like the dotmacsyncclient eating up ALL memory for no apparent reason.
    but i just keep an Terminal window open to kill that little bas..rd in that case.
    The add-ons in leopard still outweigh my problems by far.
    The “not hanging” when server ist disconnected feature in Finder is worth the upgrade for me alone.

    Share
  9. Apple iweb without a code box is like hammer without a nail!!!!!!!!–ABCrane

    Share

Comments have been disabled for this post