Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: InfoSec Handlers Diary Blog - Funky Apple Updates after 2007-0002 (Fixed?) InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Funky Apple Updates after 2007-0002 (Fixed?)

Published: 2007-02-16
Last Updated: 2007-02-18 19:44:42 UTC
by Joel Esler (Version: 4)
0 comment(s)
/** I am an Apple fanboy, so I am not picking on Apple **/

That being said, it seems we have found a buggy little feature of OSX after installing Security Update 2007-0002.

It asks us to reinstall Security Update 2007-0001 and iTunes/Quicktime update of 7.0.2.

Now, we have been testing this on many OSX Machines, it appears to be isolated to:

  • PPC Arch Only (We haven't been able to reproduce on Intel based machines)
  • 10.4.8 (We can't reproduce on 10.3, only 10.4) and
  • Those machines that are patched to 2007-0001 level

We are actually testing one machine right now that is a fresh build from CD, upgraded a month ago to 10.4.8, and that machine is having many problems even getting to the point where it is able to download Security Update 2007-0001, let alone version 0002.
  • It had problems with Installing the latest Java update but succeeded after a second try
  • It cannot complete the download of iTunes+Quicktime 7.0.2 (download freaks out halfway)
  • It does download Security Update 2007-0001, but fails to install it 
  • It never was allowed to download Security Update 2007-0002 so far
The /var/log/install.log file looks like this:
/System/Library/CoreServices/Software Update.app/Contents/MacOS/Software Update: Distribution: iTunes + QuickTime
/System/Library/CoreServices/Software Update.app/Contents/MacOS/Software Update: Distribution: Security Update 2007-001
/System/Library/CoreServices/Software Update.app/Contents/MacOS/Software Update: JavaScript error "Value undefined (result of expression system.ASUEnumerateProducts) is not object." while running "__choice_su_visible"
/System/Library/CoreServices/Software Update.app/Contents/MacOS/Software Update: __choice_su_visible returned error: Value undefined (result of expression system.ASUEnumerateProducts) is not object./System/Library/CoreServices/Software Update.app/Contents/MacOS/Software Update: JavaScript error "Value undefined (result of expression system.RegistryQueryStringValue) is not object." while running "__choice_su_visible"/System/Library/CoreServices/Software Update.app/Contents/MacOS/Software Update: __choice_su_visible returned error: Value undefined (result of expression system.RegistryQueryStringValue) is not object.admin auth received to install

<--endlogfile-->

As of this time we have filed a bug with Apple, if you have any comments, can reproduce the error, can't reproduce the error (CHECK YOUR VERSIONS), please write in.

UPDATE: As of 17:00 EST, Clicking on Software Update again does not show the older updates.  It appears Apple has fixed the problem

Joel Esler
http://handlers.sans.org/jesler
Keywords:
0 comment(s)
Diary Archives