RealTime IT News

Apple Winds Down Buggy Panther OS

Apple Computer is winding down the focus on its Panther operating system as it prepares developers for the debut of Tiger next month.

On Wednesday, the Cupertino, Calif.-based computer maker released what may be considered the last update to its current Macintosh operating system (OS X v10.3.4) with downloads now available for 10.3.3 servers, older Panther servers and consumer desktops.

Apple does not publish an exact roadmap for incremental enhancements but usually sticks to a pretty regular schedule of issuing an update before introducing a new platform. The company is getting ready for its Worldwide Developers Conference (WWDC) next month, when it is scheduled to distribute a beta version of its next Mac OS X release, version 10.4x (code-named Tiger) to developers.

Apple has not set Tiger's official shipping date in stone. If it debuts this year, it would be the fifth major version of Mac OS X to be delivered in as many years.

The latest Panther build includes improvements to file services such as AFP, SMB/CIFS and NFS, and network automounts. The 102MB file also brings with it enhanced Server Admin, Workgroup Manager and Network Image Utility applications as well as improvements to Open Directory, Active Directory integration and Kerberos security support.

The update also addresses new QuickTime streaming and broadcast services for compatibility with 3G phones as well as added support for background rebuilding of storage RAID mirrors, and network VLAN tagging. Version 10.3.4 also updates Samba to version 3.0.2 and MySQL to version 4.0.18, but Apple warned the MySQL data needs to be taken out and then re-imported before updating.

The upgrades come at a time when security firms are finding chinks in Apple's usually bulletproof armor. While the Macintosh platform is not immune to flaws, the incident rate is very low compared to other operating systems like Windows.

Recently, a handful of vulnerabilities have been reported in Mac OS X, ones that could allow malicious Web sites to compromise a system. The latest problem found Saturday is a variation of two others found earlier this month by Denmark-based security firm Secunia. Code silently delivered using variants of a "disk" URI handler can be executed without using the "help" URI handler, the company said.

"This problem is escalated due to the fact that it by default is possible to silently download and mount disk images using two known methods (silent download and execution of 'safe' files and the 'disk' URI). Furthermore, it is reportedly also possible to mount volumes using other methods such as SMB, AFS, FTP, DAV and others."

A spokesperson with Apple acknowledged the latest vulnerability and said the company is currently working on a patch. Apple has already released two security updates that it is recommending for all of its users.

The new 10.3.4 build does include previous standalone security updates but not for the latest issues found over the past week, the spokesperson said.