- Web Crossing
- Circus Ponies
- Microsoft
- Fetch Softworks
- Readers Like You!
- CS Odessa
- VMware
- Mark/Space, Inc.
Spacebar Magnifies Photos in iPhoto '08
In iPhoto '08, you can choose whether double-clicking on a photo will edit it or magnify it. I prefer my double-clicks to edit photos, but every now and then it's nice to magnify a photo. To do that, even when double-click is set to edit, just select the photo and press the Spacebar.
Visit iPhoto '08: Visual QuickStart Guide
Written by Adam C. Engst
Recent TidBITS Talk Discussions
- Apple and the Economy (10 messages)
- Mac Recipe Software Comparisons (31 messages)
- Why no keyboard support for the iPhone/touch (18 messages)
- Peering Inside a Mobile Phone Network (5 messages)
Published in TidBITS 857. Subscribe today to receive TidBITS in email every Monday.
- Last Call for Holiday 2006 Gift Ideas
- Zune Zingers with Andy Ihnatko
- PopChar X 3.1 Adds Pages Support
- Parallels Desktop Ups the Ante
- Magellan RoadMate 3000T/6000T Heads Downhill
- Take Control News/04-Dec-06
- Hot Topics in TidBITS Talk/04-Dec-06
| Apple Patches AirPort Card Driver Flaws
Apple patched a security flaw in the drivers for the company's original AirPort card last week. Among other fixes, Security Update 2006-007 for Mac OS X 10.3.9 and 10.4.8 corrects a flaw that could enable a nearby attacker to cause a kernel panic and crash a Mac in the right set of circumstances. Apple warned that this attack could potentially deliver a software payload that would run without interference on the attacked computer - a state known as arbitrary code execution. We wrote about this exploit last month ("Another Minor AirPort Vulnerability Exposed," 2006-11-06), at which point the exploit's discoverer only suggested that a payload was possible. A host of other flaws were also patched.
Six unique updaters are available: one each for 10.3.9 client and server, 10.4.8 PowerPC client and server, and 10.4.8 Intel client and server. Software Update identifies the correct one for your Mac.
The AirPort flaw was triggered if an AirPort card, signaling it was interested in knowing what networks were available in the vicinity, received a carefully crafted response that mimicked how access points announce their name and other details. The patch validates those responses to avoid triggering an error. Keep in mind that the vulnerability affects only the original AirPort card, which was included with Macs released from 1999 to 2002, and was sold as late as 2004 for those Macs. AirPort Extreme cards, which work with models introduced starting in January 2003, have drivers that aren't affected by this particular flaw. (The few users of Mac OS X 10.2 and earlier have been ignored for AirPort card updates for at least a couple of years now.)
Security Update 2006-007 mostly patches flaws that are triggered by local users with physical access to the computer, although a few weaknesses could be exploited by remote users. For instance, a flaw in the FTP server built into Mac OS X could enable a remote user to figure out which users have valid accounts on the attacked computer. And an error in how Samba (Windows file sharing) handles incoming requests could have enabled an attacker to break access to the service.
One significant flaw, now patched, could have crashed or exploited Mac OS X when Safari visited a Web site that had a maliciously crafted Web page. The flaw was in WebKit, the underlying system-wide software used for HTML rendering and handling that's used in Safari and many third-party applications. The fix now parses documents correctly. Oddly, the description of this problem is identical to that used in Security Update 2006-004 released on 01-Aug-06.
Microsoft's MacBU: Supporting Mac users with Office 2008.Is your Office up-to-date? Make sure you're running the latest
versions of Word, Excel, PowerPoint, and Entourage by choosing
Check for Updates from the Help menu of any Office application!