- The Tech Night Owl — Cutting-Edge Tech Commentary - https://www.technightowl.com -

The Day After the 10.5.4 Update

When it takes only a few weeks for Apple to get another maintenance update out the door, you just know there were problems with the original, perhaps serious ones.

Take an issue involving Adobe’s CS3 software, which is an artifact of Mac OS 10.5.3. If you attempt to save or reopen a document on a remote server, you may end up with a corrupted file. How Apple managed to allow that one to get through is anyone’s guess, but I should point out that handling your mission-critical documents in this fashion is not officially sanctioned by Adobe.

I know there have been problems over the years with QuarkXPress files becoming damaged when saved across a network, but I suppose that problem has since been resolved. Or nobody’s talking about it anymore.

Consider the consequences: What if the network server goes offline for some reason while a file is being saved? Most likely, your document is toast. So it’s always a good idea to save the document to your own computer before working on it, then transfer the finished product to the network share when you’re done. I realize that might present an issue when you’re dealing with a collaborative environment, but it will prevent such issues from occurring. And please don’t forget to keep regular backups, just in case.

In any case, Apple did its part with 10.5.4 and repaired its own contribution to the problem. But I still don’t consider this particular production strategy to be as safe as it might be, as I tell a long-time client over and over again. But he doesn’t listen to me either.

In case you’re wondering, 10.5.4 had a total of 19 changes of one sort or another according to Apple’s support document on the subject, plus a couple of dozen or so security fixes. And, no, my friends, the particular flaw that allows a rogue AppleScript to infect the Apple Remote Desktop Agent (ARDAgent) and wreak havoc is still present. Then again, although the chances of getting bitten by this Trojan are minimal unless you are careless about what you download and launch, you’ll still want to read this article from Macworld’s Rob Griffiths on the subject and how to deal with this potential threat.

That, of course, doesn’t stop the “nasty, noisy negativists” in the media from joyfully boasting that that long-rumored malware threat is here at least, that Mac users have had a free ride for far too long. You know my feelings about this silly posture. Every few months, you hear about some new potential security threat, and just a few weeks later, it’s gone and forgotten. Maybe Apple fixes the problem in their software, or maybe it wasn’t significant enough to worry about. But the headline grabbers still get appropriate attention, and, of course, lots of hits.

This isn’t to say, though, that AppleScript exploits are trivial. You see, AppleScript allows you to automate pretty much all of the functions of Mac OS X, including many of your applications and even the Unix core. Automator is the public face of some of those capabilities, unless you want to get into the under-appreciated Script Editor or the command line.

Such power comes with increased responsibility to watch what you’re doing. Even if your scripting is basic, it doesn’t stop others from engaging in various sorts of malicious mischief. In fact, way back in the Classic Mac OS days, there were AppleScript threats from time to time. Not that they did much damage in the real world, of course, but you might as well be forewarned.

Regardless, 10.5.4, despite the relative paucity of fixes, is still of significance to many of you. There are, for example, more fixes to such things as AirPort, Time Machine, iCal, and even Spaces. The latter has been particularly troublesome for some of you, although it mostly works all right for me nowadays.Indeed, Apple had a busy Monday and 10.5.4 was only a part of the picture. The self-same security fixes were rolled into a separate update, known as Security Update 2008-004, designed for Tiger users. In addition, you’ll find a Safari 3.1.2 download, not needed with 10.5.4, which contains that version, and an AirPort and TIme Machine firmware update, taking it to version 7.3.2.

Typical of other Apple updates, the troubleshooting sites will have a veritable field day looking for defects in this slew of downloads. Sometimes, they’ll be right on, and spot a genuine problem. Other times, they’ll take the isolated features of a handful of people and turn them into a major issue that makes those updates unusable.

In the scheme of things, my experiences are surely trivial, since they involve a Mac Pro, a MacBook Pro and a MacBook. In each case, 10.5.4 installed without a hitch. I have two AirPort systems, one a standard “Extreme” with 802.11n and gigabit Ethernet, the other a 1GB TIme Capsule. Airport Utility, which downloads and feeds the firmware upgrade, correctly identified both. But only the Time Capsule update went flawlessly. My AirPort Extreme went offline after a message that the update had failed. I restarted the unit, ran the firmware again, and everything proceeded without a hitch the second time out. So there’s another one for the troubleshooters.

As usual, let us know if you have anything of note to report about these updates, particularly if 10.5.4 addressed the problems you may have had with 10.5.3. Unfortunately, Apple usually fails to document all their fixes when they release these things.