1 6 7 8 9 10 Previous Next 168 Replies Latest reply: Sep 8, 2013 9:10 AM by MadMacs0 Go to original post
  • 105. Re: crsud process with security update 2013-001
    WZZZ Level 6 Level 6 (12,225 points)

    I'm beginning to think we're never going to find out what this damned thing really does. What worries me is if I keep denying crsud through LS, and at one point it isn't crying wolf--meaning there really is some critical security patch (not necessarily a full update) being issued, then I'm going to miss it.

  • 106. Re: crsud process with security update 2013-001
    andyBall_uk Level 7 Level 7 (20,320 points)

    don't we know already ?

    it downloads certain updates, if apple make them available. Those updates can run regardless of user privilege & w/o notice, except for install.log

  • 107. Re: crsud process with security update 2013-001
    WZZZ Level 6 Level 6 (12,225 points)

    So now I'm back to thinking I'll just let it run and each time after I'll check the install log. If it does something untoward to the system or whatever, I'll restore a clone. How's that for some firm decision making? We'll probably never know just what a patch was issued for.

    andyBall_uk wrote:

     

    don't we know already ?

    it downloads certain updates, if apple make them available. Those updates can run regardless of user privilege & w/o notice, except for install.log

  • 108. Re: crsud process with security update 2013-001
    ds store Level 7 Level 7 (30,305 points)

    I found out in the last couple of days that XProtect will make a outgoing connection upon any new network connection.

     

    This can be duplicated by deleting all one's network connections, rebooting the machine and reconnecting to their own network and watch LS.

  • 109. Re: crsud process with security update 2013-001
    MadMacs0 Level 4 Level 4 (3,735 points)

    WZZZ wrote:

     

    So now I'm back to thinking I'll just let it run and each time after I'll check the install log.

    I thought I should alert the group that there may be a critical update posted for 10.6.8 today:

    APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and

    Mac OS X v10.6 Update 15

    Java for OS X 2013-003 and Mac OS X v10.6 Update 15 are now available

    and address the following:

     

    Java

    Available for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,

    OS X Lion v10.7 or later, OS X Lion Server v10.7 or later,

    OS X Mountain Lion 10.8 or later

    Impact:  Multiple vulnerabilities in Java 1.6.0_43

    Description:  Multiple vulnerabilities existed in Java 1.6.0_43, the

    most serious of which may allow an untrusted Java applet to execute

    arbitrary code outside the Java sandbox. Visiting a web page

    containing a maliciously crafted untrusted Java applet may lead to

    arbitrary code execution with the privileges of the current user.

    These issues were addressed by updating to Java version 1.6.0_45.

    I jumped on the updates immediately, so I won't know whether this one was critical or not, but thought you might want to watch for it.

     

    I've been watching my install log and noticed the following:

    Apr  8 02:55:54 Als-iMac-i7.local Software Update[29068]: SoftwareUpdate: Checking for critical updates only.

    Apr  9 22:53:41 Als-iMac-i7.local Software Update[45085]: SoftwareUpdate: Checking for critical updates only.

    Apr 10 22:53:41 Als-iMac-i7.local Software Update[83019]: SoftwareUpdate: Checking for critical updates only.

    Apr 11 22:53:41 Als-iMac-i7.local Software Update[28744]: SoftwareUpdate: Checking for critical updates only.

    Apr 12 22:53:41 Als-iMac-i7.local Software Update[50921]: SoftwareUpdate: Checking for critical updates only.

    Apr 14 22:53:42 Als-iMac-i7.local Software Update[90782]: SoftwareUpdate: Checking for critical updates only.

    Apr 15 22:53:41 Als-iMac-i7.local Software Update[19924]: SoftwareUpdate: Checking for critical updates only.

    So with Mountain Lion (no separate crsud process) I may only be checking for critical updates once a day, even though there is a software update check accomplished every four hours, which seems counterintuitive.  I'm also getting a lot of entries with each check as if there is still debug code in this process.

  • 110. Re: crsud process with security update 2013-001
    WZZZ Level 6 Level 6 (12,225 points)

    crsud ran this morning. I checked the install log, which only showed that it had run and exited right away. I will look again the next time it connects.

     

    Thanks for the heads up.

  • 111. Re: crsud process with security update 2013-001
    MadMacs0 Level 4 Level 4 (3,735 points)

    I did not receive a Security notice from Apple on this, but I just spotted an update to Safari 5.1.9. I doubt that it would qualify as critical. The only thing I know about it is...

    Safari 5.1.9 allows users to enable the Java plug-in for Safari on a website-by-website basis.

  • 112. Re: crsud process with security update 2013-001
    WZZZ Level 6 Level 6 (12,225 points)

    SU is only showing me the Java update. Nothing for Safari or anything (like the last security update did) that would update Safari. Where did you see the Safari update?

     

    EDIT: Now SU is showing me the Safari too.

     

    Message was edited by: WZZZ

  • 113. Re: crsud process with security update 2013-001
    MadMacs0 Level 4 Level 4 (3,735 points)

    WZZZ wrote:

     

    SU is only showing me the Java update. Nothing for Safari or anything (like the last security update did) that would update Safari. Where did you see the Safari update?

    The DL1569 document hasn't been updated yet, so they may still be rolling it out. I was able to verify it's there by using the "Download" button on http://support.apple.com/downloads/.

  • 114. Re: crsud process with security update 2013-001
    WZZZ Level 6 Level 6 (12,225 points)

    LOL, just edited to say I see it now.

     

    I'll get the standalones sometime. No rush, since I don't really use either. The DL site is still showing the 5.1.7.

     

    Message was edited by: WZZZ

  • 115. Re: crsud process with security update 2013-001
    andyBall_uk Level 7 Level 7 (20,320 points)

    here at least, on 10.6.8,

    crsud only actually checks about once a day, despite running more often, as install.log shows. (ds_store's mention of LS warnings seems to bear that out.)

    Crsud.plist shows the LastSuccessfulScanDate & even when toggled on/off in sys prefs (which makes crsud run) that isn't necessarily altered. Adding a 'ForceScanAlways (boolean) true' key to the plist seemingly makes it check on each run.

     

    there's also an unused key: 'AllowDevSignedPkgs' .perhaps to allow the possibility of non-apple critical updates ?

  • 116. Re: crsud process with security update 2013-001
    baltwo Level 9 Level 9 (60,115 points)

    Rightr-hand, left-hand dichotomy. Happens everytime they release something. Takes a day or two for the Cupertino folks to get on the same page. BTW, I'm using Safari 5.0.5 w/o issues, even if it doesn't have some of those so-called security fixes.  

  • 117. Re: crsud process with security update 2013-001
    MadMacs0 Level 4 Level 4 (3,735 points)

    XProtect was bumped up by two numbers Thu, 18 Apr 2013 02:36:12 GMT to add a definition for OSX.adware2.i. I toggled "Automatically update safe downloads list" to get it.

     

    The signature doesn't match anything I can find elsewhere, so my only guess is what Thomas Reed has been working with this week with Boycott Softronic.

     

    Surprisingly (to me) they did not change the minimum versions for either Flash or the Javas, all of which have been updated this week.

  • 118. Re: crsud process with security update 2013-001
    WZZZ Level 6 Level 6 (12,225 points)

    Got the XProtect this morning, but so far crsud has just been crying wolf.

  • 119. Re: crsud process with security update 2013-001
    MadMacs0 Level 4 Level 4 (3,735 points)

    And XProtect was just updated again to cover Java.

    APPLE-SA-2013-04-18-1 OS X: Java Web plug-in blocked


    Due to multiple security issues in:


    Java 6 update 43 and earlier

    Java 7 update 17 and earlier


    Apple has updated the web plug-in blocking mechanism to disable

    versions of Java older than Java 6 update 45 and Java 7 update 21.

    ML is at v2037

    Lion -- v1047

    SL -- v63

1 6 7 8 9 10 Previous Next